Spyware, Unchecked

Are unable to stop the attacks

Despite having technology and procedures in place to prevent and remediate attacks from spyware, many companies still have difficulty stopping the threats, researchers report.

According to a new study published Nov. 13 by Ponemon Institute, based on interviews of more than 500 North American IT security professionals, a resounding majority of workers admit that their companies are still plagued by problems related to spyware.

Some 47 percent of respondents to the survey indicated that their companies are incapable of removing spyware from their networks once attacked, with 35 percent saying their employers cannot prevent many spyware infections in the first place.

Only 19 percent of respondents indicated their companies are effective at defeating spyware, with 40 percent of respondents claiming that their companies are able to ward off spyware attacks with frequent success, according to Ponemon, in Elk Rapids, Mich.

Spyware programs typically try to hide inside computer systems to track users Internet habits and provide data to advertisers. In addition, spyware increasingly is being built to steal personal information that is used for identity fraud. Businesses are also dealing with a growing number of spyware programs that steal sensitive corporate data to sell off as intellectual property or to demand ransom payments for the informations return.

According to the Ponemon report, organizations failures to block and remove spyware cannot be blamed on a lack of effort. Some 83 percent of respondents said their companies had full-time anti-spyware initiatives in place. However, many of those initiatives appear to consist only of attempts to improve workers computing habits or the use of anti-virus software to address the issue, as only 24 percent of representatives of those companies said they use security applications specifically designed to stop spyware.

Part of the problem in containing todays increasingly sophisticated spyware, including rootkits, is that many companies believe they are already sufficiently defending themselves, said Larry Ponemon, company chairman and author of the report. While many packaged anti-virus products have added anti-spyware capabilities, those tools may not be doing enough to stop the attacks, Ponemon said. Still, executives do not appear to see the logic in bringing additional anti-spyware tools in-house.

Another problem is that many laptops become infected while outside protected corporate environments. Without near-constant scanning, this allows the most sophisticated programs to slip through the cracks, Ponemon said. Some 98 percent of companies using anti-spyware technologies listed firewalls as their primary line of defense, which is problematic since most of todays attacks are written to exploit security vulnerabilities in firewall products, he said.

"Several years ago, when the spyware program was first widely publicized, we saw a lot of firms spending money on tools to fight it, and a lot of those companies have not looked at spyware as a unique problem again since that time," Ponemon said. "We also see a challenge where many companies are viewing adware and other crimeware as unrelated issues, but the methods used by attackers have obviously brought all these elements together, and spyware has become much harder to stop."