Beware Spyware

Steer clear of sneaky software

Most people wouldn't want an anonymous company following them around and spying on where they went, what they bought and, perhaps, more.

Bad news: spyware software does exactly that but on the internet. Worse: users are the ones who actually install it, usually without knowing what it is.

Advertising Spyware

Let's imagine someone working in an office. For fun he installs a popular peer-to-peer file sharing application from the internet so he can download MP3 music files. He doesn't read the user licence (who does?) and the program installs a number of spyware applications alongside the main file sharing program.

Soon after, he notices that his internet browser has a new menu bar. He sees a lot more pop-up ads. His default web page and search engine are hijacked and take him to advertising sites. His computer and internet connection become slower. Behind the scenes, personal information about his computer habits is being uploaded to anonymous advertising companies.

All this makes money for the company that wrote the "free" file sharing application. It also generates an annoying, intrusive, difficult-to-remove nuisance for the user.

(As an aside, these kinds of file sharing applications are a problem in themselves. They waste bandwidth and employees' time and may create a legal liability for any company that allows their computers to be used to share pirated software or music.)

Surveillance Spyware

A more sinister form of spyware has emerged which enables corporate espionage and identity theft. While many of these programs, such as key loggers or remote administration tools, can be found on hacker websites there are, surprisingly, a large number of commercially available applications that do the same job.

These kinds of programs can bypass the best network security and, for example, give an outsider complete access to your files or transmit passwords or bank account information to criminals. Unlike advertising spyware, covert surveillance software covers its tracks and operates stealthily. "In terms of corporate espionage it's absolutely devastating," says Pete Sampson, ThreatLab manager at Clearswift, a security company.

Stamp Out Spyware

•	Make sure all new software is properly licensed, authorised and installed. Set and communicate a clear staff policy about not installing any other software.
•	In particular, ban file-sharing software such as BearShare, Grokster, Kazaa, LimeWire and Morpheus.
•	Educate users about the threat to explain the new policy
•	Scan for Spyware. Try: Spyware Blaster, Spy Sweeper or Spybot Search and Destroy. One popular program, called AdAware is good for dealing with advertising spyware but less effective at stamping out surveillance spyware
•	You can check for existing infiltrations using HijackThis and test other vulnerabilities using Symantec's online security test
•	Be paranoid about public-access internet terminals. Assume that there is spyware on them. So don't divulge sensitive information, such as passwords or bank details
•	Consider content filtering on incoming email. Applications like Clearswift's MAILsweeper will filter out spyware, spam and other nuisance content. Microsoft Outlook 2003 can automatically filter out spam and suspect email attachments
•	Run RegistryProt and BHODemon to stop spyware auto-running once it has been installed
•	In addition, you still need a multi-layered defence against security threats: firewalls, virus protection and up-to-date software
•	Unlike viruses, where there are relatively user-friendly applications which protect users, defences against spyware are still relatively technical and you may want to get expert help from your IT vendor or a security consultant

You can get more information on spyware, and download Microsoft's AntiSpyware tool.