A new study released this week indicates that nearly 28 “spyware” items infest each PC, demonstrating the broad proliferation of the secret software, researchers said.
Spyware is a rapidly proliferating type of software that covertly forwards information about a computer user’s online activities to another individual or company without the user’s knowledge or permission.
The new study was produced by EarthLink, one of the nation’s high-profile ISPs, and Webroot Software, a developer of award-winning privacy, protection and performance software.
Industry-Wide Spyware Audit
“When Internet users have questions about spyware, we want them to turn to the SpyAudit report as a reliable source of current information about this growing threat to Internet privacy,” said Matt Cobb, EarthLink’s vice president of core applications. The study, called the SpyAudit, is designed to monitor the growing threat of spyware.
“By tracking and publicizing the growth of spyware, we can better educate consumers of its risks and encourage them to take steps to protect themselves and their families while online,” said Christine Stevenson, Webroot Software’s vice president of marketing.
The report monitors the time frame of January 1, 2004 to March 31, 2004.
“Over the past three months, EarthLink and Webroot found more than 29.5 million instances of spyware,” said Cobb. “While most spyware is adware-related and relatively benign, it’s disturbing that over 300,000 of the more serious system monitors and Trojans were uncovered. This figure represents how real a threat identity theft or system corruption is for users.”
Experts suggest that these types of programs may infect up to 90 percent of all Internet-connected computers. Generally, spyware arrives bundled with some kinds of downloaded software, through e-mail or an instant message, or by someone with access to a user’s computer.
Once on a hard drive, the spyware can begin its nefarious activity the next time the user goes online. Unlike most software applications, spyware is difficult to detect and can be difficult to remove.
Startling Findings About Spyware
The startling findings of the report — based on scans of more than 1 million computers — were as follows:
- Total instances of spyware found: 29,540,618
- Instances of spyware per scanned PC: 27.8
- Adware installations on scanned PCs: 5,344,355
- Adware cookie installations on scanned PCs: 23,826,785
- System monitor installations on scanned PCs: 184,559
- Trojan installations on scanned PCs: 184,919
The two most common types of spyware are adware and adware cookies, the survey said.
Adware is any software application that runs advertising banners in the background while another program is running — often making it look like the ads are being served up by the current Web site you are visiting. Adware also might send data back to a third party, surreptitiously, without a user’s permission. Adware cookies, meanwhile, allow a Web site or software application to record surfing habits without user knowledge or consent.
EarthLink is offering a free-of-charge spyware-detection program, called SpyAudit, to consumers, giving them a detailed report in minutes. There are also several free spyware-busting applications available to consumers.
FTC Eyes Spyware Culprits
The private sector and the government are growing increasingly concerned about the potential threat posed by spyware.
The president and CEO of Symantec, John Schwarz, will participate on a panel discussing spyware and its ramifications as part of a workshop hosted by the Federal Trade Commission (FTC) next week, highlighting the level of attention that is being paid to this troubling issue.
Schwarz’s comments will focus specifically on the impact spyware has on information security and also will focus on the best practices the industry can use to address spyware as an Internet threat.
The panel discussion is entitled “Industry Responses to Spyware: Industry Best Practices and Working with the Government,” and is scheduled for Monday, April 19, 2004, at 2:30 PM in Washington, D.C.
Additional information about the entire workshop, entitled “Monitoring Software On Your PC: Spyware, Adware and Other Software,” can be accessed via the FTC’s Web site. The event is open to the public.
Congress recently held hearings about spyware, and said the software was an Internet version of trespassing on private property and ought to be outlawed.