Spyware threats skyrocket for enterprises
- By Jason Turcotte
- June 14, 2006
An Aladdin Knowledge Systems study released this week shows spyware is the fastest-growing
threat to enterprises, increasing more rapidly than Trojans, viruses and other
risks. And experts believe spyware will stick around.
“It’s not a safe world out there anymore,” says Andrew Jaquith,
senior analyst in security solutions and services, The Yankee Group. “Spyware
is a durable trend and it’s here to stay.”
The study spearheaded by Aladdin’s Content Security
Response Team shows a 213 percent jump in spyware threats, climbing from 1,083
in 2004 to 3,389 in 2005. The number of malicious threats deemed Trojans grew
142 percent, and the industry saw a 56 percent jump in viruses and other threats.
Jaquith said spyware’s stronghold shouldn’t come as a surprise
but experts failed to predict just how lucrative it would become. He estimates
that for every program claiming to clean up spyware, three or four lie about
Last March the governor of Utah signed the Spyware Control Act, which bans
the installation of the software without the user’s consent. A similar
law took effect in California, subjecting violators to $1,000 fines. But few
have been reprimanded and, until more states consider regulation, the threats
“I think it’s important to step back and find out why we have a
spyware problem,” Jaquith says. “There haven’t been any guardrails
on running applications, essentially.”
Swift-moving spyware has the ability to intercept or control a computer’s
operation, without consent from its end user. These malicious threats often
engender computer crimes and fraud. And according to a 2005 Aladdin study, 15
percent of spyware threats steal passwords and log keystrokes while attempting
to gain access to passwords, user names, e-mail addresses and instant messaging
Jaquith says spyware’s success, in part, can be attributed to its widespread
targets, affecting every day people – small business owners, enterprises,
and even your grandmother.
“Spyware isn’t something that happens to bad people who view porn
on their lunch break,” Jaquith said.
And which are the most common threats? Rogue antispyware apps, such as SpyDeleter,
SpySpotter and Spyware Cleaner, falsely claim to clean and repair files infected
by spyware. A hybrid threat known as Gokar.w infects systems through mail and
information theft, and has the capability to send out spam. Gokar.w. infection
occurs when an end user browses certain Web pages.
A common image file format known as Windows Meta Files (WMF) is particularly
vulnerable to spyware. Last December, it was discovered that a large pool of
WMF files had automated the spyware installation process after end users viewed
an image on a Web page or through an e-mail.
Though the spyware situation may look bleak, Jaquith says steps can be taken
to help parry an attack. Those who invest the most in security are often the
most prepared. He says enterprises in the aerospace, defense, investment banking
and healthcare industries are better prepared than other sectors.
He suggests using alternate browsers, which, because of less usage, are less
vulnerable than Explorer. Enterprises should also supplement antivirus coverage
with antispyware tools, implementing more than basic signatures. And companies
should lock user paths to prevent administrative rights on employee computers.
According to Aladdin’s report, 2005 yielded a total of 16,623 new pieces
of malicious code or an increase of 90 percent from 2004. But the study does
offer a silver lining: “although the total numbers have increased, 2005
was characterized by fewer large-scale virus and worm outbreaks than seen in
Jason Turcotte is an assistant editor at Application Development Trends. He can be reached at [email protected].