Spyware, an intrusive malicious software — or malware — application that slips into computers via free downloads and visits to some Web sites, is quickly becoming the second most troublesome computer malady after virus infections. Spyware can track Web surfing habits and send the results to purveyors of junk mail. It can scan hard drives for sensitive files and send them to a central location run by hackers. Spyware can slow down a computer so much that it renders the machine next to useless.
“There have been more new iterations of spyware the first quarter of this year than all of last year,” Roger Thompsen told TechNewsWorld. He is the spyware research expert for PestPatrol, which provides detection and removal products for spyware, adware, Trojans, hacker tools and other pests that antivirus, firewall and other security software can miss.
Spyware does more than invade a computer user’s privacy. According to Intermute CEO Edward English, maker of SpySubtract, Spam Subtract and AdSubtract, spyware is the digital equivalent of perverts staring into bedroom windows. “At a minimum, peeping Toms are all over our computers. Spyware software, once resident on a PC, can do almost anything. E-mail addresses and personal information like credit cards can be monitored, captured and transmitted. The sky is the limit as to what damage can be done,” he told TechNewsWorld.
The problems caused by spyware are not limited to consumers in their homes. Enterprise computer networks are just as vulnerable to spyware intrusions. Until now, there hasn’t been much in the line of defense for enterprise users. Corporate IT departments had to rely on the same array of antispyware products — either free or commercial — available to consumers.
However, an enterprise-strength version of a popular consumer protection for spyware known as Spy Sweeper by Webroot Software promises to arm corporate IT technicians with a new line of defense against spyware.
IT Issues Worsen
Spyware has proliferated across consumers’ computers to the point it is the number one cause of complaints at technical support centers for computer manufacturers. The spyware problem is spreading quickly to the enterprise level, consuming hundreds of hours of work by IT staffs to find and remove it.
At this level, spyware intrusion has the ability to cause damage that is exponentially greater. Identity theft at a personal level is bad. But theft of corporate data and IP bandwidth can devastate a company.
But the options to fight it are few. “There is a very limited number of antispyware products aimed exclusively at enterprise needs,” Webroot’s CEO David Moll told TechNewsWorld.
Given the number of workstations in an enterprise setting, dealing with the side effects of spyware poses monumental problems. The number one cause of system crashes is spyware, Moss said. The computing habits of employees result in the continual introduction of spyware to corporate networks.
Finding all the places on a hard drive where spyware hides is time-consuming. Virus infections are much more focused. Like virus scanners, spyware detection relies on cross-checking signature patterns against a database. But unlike viruses, spyware scatters its components much more extensively throughout a hard drive.
“The key element is the quantity of research required to update signature databases,” Moll told TechNewsWorld, adding that some spyware programs change signatures on a daily basis. “Spyware components can separate into 25,000 parts of files.”
As Webroot’s Moll sees it, spyware is to the Internet as spam is to e-mail. “Spyware is not about to go away soon. The financial market is backing it,” Moll said. “It is getting out of control.”
The spyware problem is gaining on enterprise users because the corporate workplace is slow to respond, Moll concluded. “It will take us a while to see the spread of spyware in the wild start to slow down,” he said.
The release in June of an enterprise version of Webroot’s Spy Sweeper offers IT departments a way to fight back. The new product’s client-server architecture provides centralized IT control with desktop agents that sweep for devious and malicious digital spies and eradicate them.
According to Moll, Spy Sweeper Enterprise enables corporations to detect and manage all forms of spyware. Spy Sweeper Enterprise helps companies mitigate spyware-related security risks, reduce mounting support requests and reestablish computing and network performance.
“It is no longer time- or cost-efficient to install antispyware products on individual computers in a corporate environment,” Lee Kennedy, vice president of enterprise operations at Webroot, said in a prepared statement. “It is increasingly important to provide centralized protection from spyware before it has a chance to harm corporate environments and compromise network security.”
How It Works
Spy Sweeper Enterprise detects and removes all forms of spyware, including adware, malware, Trojans, keyloggers, system monitors and more. Created to protect corporations and large institutions from spyware intrusions and their subsequent effects on productivity, integrity and confidentiality of data systems and networks, Spy Sweeper Enterprise is armed with a comprehensive spyware threat database to sniff out and eradicate more than 25,000 spyware traces.
Spy Sweeper Enterprise’s centralized administration console allows IT managers to efficiently and proactively protect their corporate networks from spy infestations. Through the console, IT managers schedule scans for spyware and seamlessly deploy updates, policies and sweep settings to specified groups.
For instance, the program can focus on laptop users outside the network. Using the unique auto-install feature deploys spy definition and program updates directly to the workstations without administrator intervention. Spy Sweeper Enterprise’s customizable reporting function allows administrators to run detailed reports on malicious threats found in the network.
Moll said the program is not complicated to configure. The heart of the detection system is a very sophisticated rules engine. He said the product is especially suited for anybody using servers for e-mail administration or client server functions.
“The hammer method doesn’t work any more. This product helps fit the need for individualized methods of spyware removal,” Moll said.