Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Spyware: The Next Real Threat

    Written by

    Ryan Naraine
    Published December 9, 2004
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      NEW YORK—Spyware will replace the mass-mailing worm as the biggest nuisance—and security threat—facing businesses in 2005.

      Thats the chilling assessment from Roger Thompson, director of content research security management at Computer Associates International Inc.

      Thompson used the spotlight of the InfoSecurity 2004 conference here to highlight the growing threat from spyware and adware “pests” and issue a call to arms for a unified industry approach to fighting back.

      “The only things multiplying faster than definitions for what constitutes spyware, is the malware itself,” Thompson said, warning that the threat from spyware will make mass-mailing viruses seem trivial.

      “The mass-mailers became a problem because they were spreading faster than we could issue updates to block them. Theyre still around today, but weve figured out ways to keep them at bay. They cease to be a real strategic threat to corporations,” Thompson said.

      Spyware, on the other hand, which uses covert techniques to install itself on computers and track user activity to serve up annoying advertisements, presents a legitimate threat because of the way malicious code can be executed on infected systems.

      Spyware, otherwise known as adware, has become the preferred delivery mechanism for malicious Trojans capable of relaying information to other computers or locations on the Web. According to anti-virus vendor Symantec Corp., spyware authors can actively or passively hijack user passwords, log-in details, credit card numbers and other sensitive personal information.

      Because spyware is often tied to peer-to-peer applications, experts warn that individual files or other corporate data could be stolen by spyware programs running on infected systems.

      “Your data is at risk and theres nothing we can do right now to stop it,” Thompson said. He confirmed a researchers recent findings that the best-performing anti-spyware scanner is not capable of detecting all the “critical” files and registry entries installed by the malicious programs.

      “Spyware is built for functionality. No one, except the spyware author, knows what the program is capable of doing. Theyre changing frequently and theyre becoming impossible to manage,” Thompson said.

      He explained that spyware writers use “tricklers” to silently reinstall spyware components after they are removed. “This makes it even worse than the mass-mailers. They change the components frequently and even when you remove registry key entries, the program simply reinstalls it,” Thompson warned.

      He said legitimate companies that market P2P applications such as Kazaa and Grokster have built spyware acceptance into complicated EULAs (end-user license agreements). “When you install the P2P program, you agree in advance to accept all future changes, even the changes made by the tricklers,” he said.</.P.

      Kazaa, which is distributed by Sharman Networks, has been fingered by CA as the worst pest on its spyware list. The Islandia, N.Y.-based CA reckons that Kazaa users suffer from degrading network performance and storage consumption because of the embedded spyware and adware that comes with the application.

      During his presentation at the security conference, Thompson predicted that malicious spyware writers will take advantage of P2P and instant messaging usage in the workplace to wreak havoc.

      While activities such as file-sharing or downloading shareware are currently viewed as a mere nuisance, Thompson warned that the industry cannot afford to ignore the growing evidence that spyware “will soon become an even bigger headache than viruses.”

      He suggested businesses treat any program that offers remote access as a potential threat. “Even the network management tools that you use to access desktops can be spyware in the wrong context.

      “Remember, a virus is a single program with a single registry key. With spyware, were talking about thousands of programs with lots of registry keys. We dont even know the motive of the spyware authors. Its very hard to find legitimate use for a spyware program, no matter how hard we try,” he added.

      /zimages/5/28571.gifClick here to read about CAs new anti-spyware software.

      He said spyware running on enterprise computers is an “enormous threat” because there is absolutely no knowledge of the kinds of data being transmitted to the mother ship. “Theyre usually working over Port 80 so nothing is stopping it. The possibility for corporate espionage is enormous.”

      Thompson said he believes the industry will benefit from the passage of anti-spyware legislation. Congress is debating four anti-spyware bills, including HR 2929, which was introduced by U.S. Rep. Mary Bono to require that users give explicit permission before tracking software is installed.

      “We need to monitor the activities of the adware purveyors to ensure they behave. The first step is to make sure we strengthen the rules for these companies. The fight back will be a combination of legislation and technology,” Thompson said.

      /zimages/5/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Ryan Naraine
      Ryan Naraine

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×