Spyware Menacing Workplace Computers
May 17, 2006 11:56 AM PT
During the last 12 months, nearly 20 percent of organizations have had employees launch a hacking tool or a keylogger within their network, according to new research released by Websense this week. That figure increased from 2005, when only 12 percent were impacted.
A keylogger is one of the most dangerous types of spyware in existence. It has the ability to record keystrokes and screen shots that can be replayed later to reconstruct a user session. These applications can be used by hackers to steal passwords and confidential information, which can then be used to provide full access to corporate systems and files.
"Although employee awareness of Web-based threats such as phishing attacks and keyloggers is improving, the vast majority of employees still do not know that they could fall prey to these types of social engineering tactics in the workplace," said Dan Hubbard, senior director of security and technology research, Websense.
"Organizations need to implement a proactive approach to Web security, which includes both technology to block access to these types of infected Web sites and applications, as well as rigorous employee Internet security education programs," he said.
Spyware Spawning Trouble
Upon evaluating how the IT security landscape has changed in the past 12 months, spyware within the enterprise continues to be a problem -- 92 percent of IT decision-makers surveyed estimated that their organization has been infected by spyware at some point, compared to 93 percent in 2005, according to Websense.
"We certainly have seen an increase in spyware and adware in the past year. About a year or so ago, we saw that there was a diversity of attacks. Then we started to see automation of these attacks that grew in scale and scope," Ken Dunham, senior engineer at threat intelligence firm iDefense, told TechNewsWorld.
Dunham reported the sheer scope of illegal installations has shot through the roof in the past year because it's difficult to prove that the spyware was installed illegally. Adware is a legitimate software that is being abused for criminal gain, he noted.
"This is the perfect hacker training ground, because they can learn how to hack and install code without much fear of accountability. Even if they do get caught, how are you going to prove that they performed all these illegal installations against all these different computers? These guys are in a good position to make money with a legal loophole that leads to lawlessness," Dunham noted.
Bot Threats Rising
The Websense survey also highlighted a new threat on the horizon -- bots. A "bot" is software that can be unknowingly installed on an end-user's PC that communicates with a command and control center. The command and control center has unauthorized control of many bot-infested PCs from a single point, and can be used for launching distributed Denial of Service attacks, acting as a spam proxy, and hosting malicious content and phishing exploits.
Only 34 percent of IT decision makers said they are very or extremely confident that they can prevent bots from infecting employees' PCs when not connected to the corporate network. Further, 19 percent of IT decision makers indicated that they have had employees' work-owned computers or laptops infected with a bot.
As bots are a relatively new threat to many IT decision makers, there is still some uncertainty over whether or not to filter bot traffic. Sixty-two percent of IT decision makers participating in the survey said their companies filtered bot traffic in their network; 14 percent did not; 24 percent were unsure.
The threat of phishing has stayed relatively constant in the past 12 months, with hackers utilizing new deception techniques to lure Internet users. Four in five IT decision makers reported in the latest survey that their employees have received a phishing attack via e-mail or instant messaging (IM), versus 82 percent in 2005. Nearly half of the current survey participants said their employees have clicked on the link to a bogus Web site, compared to 45 percent 12 months ago.
Perhaps due to increasing media coverage and nationwide attention, threat awareness is growing -- about half of employees have heard of phishing, compared to only 33 percent last year. Consistent with those figures, 44 percent of IT decision-makers believed that employees in their company could not accurately identify phishing sites -- a slight improvement from last year's survey in which 50 percent of IT decision makers believed their employees could not accurately identify phishing sites.