      |
First there were computer viruses, then spam, now comes spyware to contend for the title of most annoying and potentially devastating Internet malady. While the problem is growing, most anti-spyware tools on the market still focus on individual workstations, making detection and destruction a tedious and time-consuming task. Help is on the way, however, with new network-ready anti-spyware applications and appliances offering centralized management and defense. In the meantime, a combination of education, policy, and available technologies will hold off this increasing menace until reinforcements arrive.
Defining spyware is in many ways a moving target. The term “spyware” has become a generic term covering three types of applications affecting web browsers: adware, spyware, and malware. Adware is typically a program installed with free/shareware that serves pop-up advertisements from a web browser. Spyware monitors your actions while browsing, more commonly used by marketers to know your preferences and tastes. Malware is the most vicious, intended solely to do harm to your computer and network. Some serve pop-up ads, others hijack sites (redirecting you to a site different from the one you wanted), while other more malevolent types “phish” for passwords, credit card information, and other personal information.
Spyware is often acquired by users failing to read the “fine print.” Clicking on a pop-up ad, filing out a web form, or downloading programs from the Internet like desktop weather applications, users unwittingly agree to put spyware on their machines in the license agreements we all agree to but don’t read. In some instances, users knowingly download adware. Educating users on spyware can deal with many of these situations: make employees aware of what spyware is, how it gets onto their workstations; and how to avoid it; stress to them the importance of reading the fine print in license agreements; and help them understand the ramifications of clicking on a pop-up add or downloading software from the Internet.
However, spyware will appear even if users take all these precautions, and once loaded on a workstation, it can be extremely difficult to remove. These programs often write themselves to the operating system’s registry and employ a wide array of tricks to avoid detection. Like viruses, only expect the arms race to escalate as creators of spyware will respond to every new method developed to detect and destroy it. Expect this Darwinian struggle to rage into the foreseeable future, like current struggles against spam and viruses.
