Hoping to secure large corporate customers by addressing one of the fastest-growing Internet-related security threats, McAfee has launched an enterprise software product aimed specifically at identifying and eradicating spyware, adware and related programs.
McAfee’s Anti-Spyware Enterprise Edition Module comes just two weeks after rival Computer Associates unveiled a similar product based on technology it acquired when it bought PestPatrol. Proof that McAfee was cognizant of its competition might lie in the fact that despite being announced yesterday, the product won’t be widely available until late next month.
McAfee said its product, designed to be integrated with its existing enterprise-level antivirus scanners — with the two then able to be controlled from a single interface — will identify and squash spyware and adware programs as well as those that log keystrokes or attempt to give an attacker remote control of a computer.
Steve Crutchfield, director of product marketing at McAfee, said customers have reported spending an inordinate amount of time removing spyware products from infected machines and said that known problems might only be the tip of the iceberg since many users operate computers without being aware that such programs are running.
“Our enterprise customers are frustrated with the costs and manpower currently required to remove and protect themselves from potentially unwanted programs,” Crutchfield said. “The demand and requirement for an enterprise solution has been clear.”
According to research firm IDC, spyware now ranks ahead of spam, hackers and cyberterrorism as a threat to high-level networks. Most specific spyware removal and detection programs to date have been aimed at consumers.
Security experts say specific spyware-detection tools are needed because the people writing the programs have learned to disguise them.
“It’s getting more difficult to tell what’s legitimate code from what’s malicious,” said Ken Dunham, director of malicious code for iDefense. “Everyone would love to install one program to do everything, but comprehensive approaches have fallen short for just that reason. People learned to write around their flaws.”
Security measures have to walk a fine line when blocking potential spyware and adware because closely related code might simply be part of a Web site’s functionality, he added.
McAfee said its program uses a database of code signatures to identify potential spyware, with the library of malicious code constantly being updated and the most dangerous versions targeted first. While its library might not be as large as those of some other vendors, McAfee said some databases target largely harmless cookies that do little more than remember a user at any given Web site.
Gartner analyst Rich Mogull said that while they’d prefer a single solution that integrates all antivirus scanning, firewalls and other security protections, many enterprises are likely eager for any product that will address the spread of spyware.
“Companies know that 80 to 90 percent of computers have some form of spyware on them,” Mogull said. “With that in mind, any product that is a step above the consumer programs and freeware will see a lot of adoption.”
Spyware has risen rapidly through the ranks of security issues. Congress is considering several bills that would toughen spyware penalties, though those attempts are running into some opposition from the online marketing community, which worries that legitimate tracking programs that consumers agree to have placed on their computers will be lumped in with malware.
Meanwhile, the Federal Trade Commission recently launched its first prosecution against an alleged spyware and adware purveyor.