RealTime IT News

Spyware Sneaking into the Enterprise

Once considered strictly a consumer issue, spyware is sneaking into the enterprise, eating up bandwidth, pumping out unwanted pop-ups, crashing employee computers and potentially posing a risk to sensitive corporate data.

"It's rapidly turning into a very serious problem. Last year, it was mostly annoying with all the pop-ups, but now it's leaving behind more serious problems," Gartner analyst John Pescatore told internetnews.com. "In the last six months, it's one of the top questions we're getting."

Spyware is an all-inclusive term for surreptitious programs that often piggyback onto a user's computer on an otherwise authorized download. The most benign form is adware, which collects personal data and reports Internet traffic patterns to advertisers.

Marketers claim permissions-based adware holds great potential for targeted advertising. A number of major advertisers have dabbled with adware as a means to reach Web surfers.

The more dangerous forms of spyware capture keystrokes or hijack homepages to serve as platforms to steal passwords and e-mail, as well as to pry into corporate records.

Compounding the problem is the fact that firewalls don't prevent spyware from being installed, although they can keep the uninvited program from sending out any information it has gathered. Anti-virus programs do not detect the presence of spyware.

"Employees often download precisely the kinds of applications that include spyware," a recent Forrester research report states. "Surveys of IT staff reveal that spyware is not only present on corporate PCs but that it is causing problems, as well."

"There are more options in the enterprise to stop it, but it's something enterprises are starting to worry about," Jan Sundgren, the author of the report, told internetnews.com. "A lot of employees might have it on their desktops. Even if it is not sending out information, there can still be all sorts of related issues, like bandwidth and the use of resources."

According to Sundgren, the main problems associated with adware include unwanted advertising traffic sucking up valuable bandwidth; loss of employee productivity as users fight pop-ups; and balky, infested browsers resulting in more work for beleaguered help desks.

"Increased workload [for help desk personnel] is the main effect of adware," Gartner's Pescatore said. "The more malicious form of spyware is where the real risk is to the enterprise.

"The potential of competitive intelligence and/or regulated information being stolen by targeted spyware attacks is obviously a serious threat," added Sundgren.

In addition to spyware threats from within the firewall, both Sundgren and Pescatore said the increase in at-home and mobile employees is bringing even more spyware into the enterprise. Without a personal firewall, keystroke-logging programs steal employee passwords, which allows bad actors to dance right into the enterprise.

State legislatures, the Federal Trade Commission (FTC), the U.S. Congress and the private sector are all stepping into the breach.

The FTC says the solution is better technology and training and education about spyware, not state or federal legislation. Ignoring that advice, Utah has already passed an anti-spyware bill and federal legislation is currently cooking in Congress.

The consumer anti-spyware programs the FTC has recommended have been available for several years, but enterprise versions are just now reaching the market. The industrial-strength programs provide for centralized administration and reporting, allowing security administrators to establish, monitor and enforce policies across all desktops.

Symantec and Network Associates are both adding anti-spyware components to their enterprise packages. And in early June, PestPatrol, a consumer anti-spyware dealer, released what it calls the "industry's first centrally managed anti-spyware solution for corporate networks."

"With this version, we separated the management interface from the scanning engine, which allows the administrator to scan entire network desktops with extremely compact and efficient executables," said Roger Thompson, vice president of product development for PestPatrol.

According to Thompson, at least "50 to 60 percent" of enterprise systems have unsolicited adware embedded on user computers. Detection and removal require specialized programs, because another insidious effect of spyware is that it installs itself very deeply in a system, sometimes creating thousands of registry entries.

"It reminds me of the early days of the anti-virus industry," Thompson said. "People know something about it, but not a lot. There is no doubt it is a corporate issue. We can see the pull by the number of companies wanting to know more about it."

Thompson said he supports a combination of legislation and technology to harness the spyware problem for both consumers and corporations.

"Four years ago, spam was just a nuisance. Now, without legislation and technology, most people's e-mail systems would be unusable," he said. "Maybe people just need to be smacked a bit."