|
Add spyware to the list of urgent security concerns. With resources already stretched thin in fighting viruses, stopping spam, and complying with data-protection requirements laid out in federal regulations like Health Insurance Portability and Accountability Act (HIPAA), companies now also have to defend against a threat that strikes silently and does much of its damage before it's even detected.
Spyware is an executable program with a single objective: to secretly monitor a computer and surreptitiously report information on activity to anyone willing to pay for it. While it can serve a legitimate purpose for companies legally tracking user behavior, it's also an ideal tool for corrupting or stealing the sensitive business data residing on corporate PCs and systems. What's more, spyware can seriously degrade performance, reduce employee productivity, and impose extensive administrative expense. And spyware is virtually everywhere: Industry experts estimate that 90 percent of all employee computers harbor at least 30 spyware programs apiece. Whether it implants itself upon a visit to an unauthorized Web site or arrives as part of a worm's payload, spyware immediately sets out to perform its surreptitious functions.
Stopping unauthorized programs at their source and staying abreast of potential infections are critical in keeping spyware from doing harm. 8e6 Technologies helps on both fronts. Its R3000 Enterprise Filter network appliance is a flexible, highly scalable approach to identifying known spyware sites and blocking installation of suspicious programs. Thanks to 8e6's continuously updated library of spyware sites, it can be dynamically configured to recognize the latest threats. Simple setup allows rapid rollout as part of a comprehensive spyware defense, while an open-source OS rounds out the R3000 feature set. Additionally, 8e6's Enterprise Reporter appliance helps in developing the detailed reports on user activity that can aid in detecting spyware's presence. Together, 8e6's products can be deployed as an integral part of a company's overall approach to defending against spyware.
The Spyware Dossier
Spyware is not a new technology, and not all of it is malicious. On one end of the spectrum are programs that come bundled as part of a legitimate software package and that customers consent to run when they sign an end-user license agreement (EULA). Further, some of it is actually intended to help users: Software that tracks online activity, for example, is necessary in implementing the personalization features that so many users want.
On the other end of the spectrum is spyware that's clearly malicious. There is no other way to characterize programs that snoop files and systems for sensitive data. Some track keystrokes, so that credit card and other personal information can be stolen. Others can reconfigure browsers, install additional spyware, and even activate Webcams. Spyware is also living up to its name as a real-world espionage tool: North Korea has been identified as one of the nations using it to gather data on potential adversaries, sometimes even selling that information to international criminals who use it to launch distributed DoS attacks.
But it's the gray area in the middle that's causing problems for both the industry and the government in devising a comprehensive approach for dealing with spyware. At what point does surreptitious monitoring turn into breach of privacy? There's no disagreement over the threat posed by viruses, but opinion isn't nearly as united on spyware (some, for example, consider cookies an insidious form of spyware, while others say they meet none of the criteria). The U.S. Congress has introduced bills like the Securely Protect Yourself Against Cyber Trespass Act (SPY ACT) and Internet Spyware Prevention Act (ISPA), but they've had little effect simply because of the disagreement over what constitutes a malicious program.
In other words, spyware is here to stay: It's a relatively simple and inexpensive technology that when used by legitimate companies to legally track customer behavior, generates considerable revenue. The trouble is that those same attributes appeal to criminal entities looking to profit from its use in stealing corporate data. And they're the ones that companies have to be most concerned about.
Covert Operations
With spyware a permanent part of the landscape, it's incumbent on companies to learn how it operates, how to recognize it, and how to minimize the damage.
|
