August 2004 — Features
Unmasking Spyware

It used to be that Internet threats were aimed at disabling their targets. The most common payload of yesterday's viruses, worms and other malicious code either caused system instability or, perhaps, deleted certain files. In many cases, these threats announced their arrival by flashing messages on the computer screen or causing some other disturbance that was impossible for a user to ignore.
In contrast, today's Internet threats often arrive so quietly that they're undetectable. This is because they rely on "stealth" to accomplish their programmed task. Increasingly, the top priority of these threats is to expose and extract confidential information stored on or transmitted by the target computer. For these threats, silence truly is golden because it allows the malicious code more time to identify and extract additional sensitive information, including passwords, decryption keys and keystrokes.
According to the most recent "Symantec Internet Security Threat Report" (visit http://enterprisesecurity.symantec.com/content.cfm?articleid=1539), there was a dramatic increase in such malicious code reported during the last half of 2003. The code entered personal and business systems through a variety of vehicles, including spyware.
Beware Spyware
Spyware is code that gathers information from a targeted computer and relays it to another party. Many spyware programs track users' Web surfing activities to deliver online advertisements that more closely match their interests. However, other spyware programs can hijack browser settings, monitor all keystrokes, scan files on a hard drive, look at other applications, and install their own programs. Spyware is often unknowingly downloaded from Web sites, typically through freeware such as utilities, games, media players or accounting software. Many of today's most popular peer-to-peer programs are also frequent sources of spyware.
One of the most serious aspects of spyware is its covert nature. When users download a free utility, for example, the end-user license agreement for that program rarely explicitly discloses that spyware will automatically download along with the free utility. In other cases, a license agreement for a utility might refer to spyware in such vague language that it is impossible for the user to understand. To further obfuscate the issue, users rarely read through end-user license agreements; instead, they simply click their consent to its terms. By doing so, users unwittingly give permission for the spyware to download and go to work.
Worse yet, once installed, spyware is very difficult to detect and eliminate without special spyware removal software. In fact, because spyware often goes undetected, many computers are likely infested with several of these covert programs. In addition to introducing privacy concerns, these programs also consume computing capacity and bandwidth, and can lead to general system instability as they regularly transmit their gathered data back over the Internet to their creators. And removing this malicious code is yet another challenge. Often, when spyware is installed with a utility or game, the user must uninstall the entire utility or game in order to remove the spyware; even then, some stubborn spyware programs may remain intact.