<< Back to article Print this page Loading page, please wait...

Spyware annoys, not threatens, IT managers

Michael Crawford (Computerworld)
27 May, 2004 11:02

Despite the alarming statistics and doomsday warnings about spyware in recent months, Australian IT managers claim it has only hit a small percentage of their user base with few signs of malicious intent.

Mercy Health and Aged Care technical and communications manager Simon Richardson describes spyware as a nuisance and a drag on bandwidth but hasn't heard of instances of entire systems crashing locally.

Richardson manages a network of five hospitals and says only 3 percent of users on his system have been hit with spyware problems.

He admits the problem has increased when employees take laptops home to work.

"The spyware we have found so far is annoying, not malicious and we have not found any actual damage or corruption to the network, or individual PCs; but it can be missed by antivirus software," he said.

"If users are re-directed by spyware to a porn site they think they are going to be reprimanded and it puts the fear of God into them because it is unintentional; they operate by the 'Thou shalt not search porn' training regime and jump on the phone to call tech support straight away.

"As an organization we are lucky we haven't come across any malicious intent," he said but admits it may just be a matter of time referring to global statistics that show up to 30 percent of corporate systems have some form of spyware.

"The last thing I want to do is to put spyware scanners on every individual computer in the network, that's not an approach that I want to take."

Richards said one way an organization can keep track of which employee are unwittingly exposed to spyware is to go down the extreme line of comparing snapshots of the PC in question before it is given remote access to the network.

One of the most common ways for an employee to download spyware is by using a P2P file-sharing program, which bypasses normal security barriers by connecting users directly to download or swap files.

Meta group program manager Peter Firstbrook said employees are the last to know when they are infected as it occurs unintentionally when they are downloading from the Internet.

"Spyware can be merely a nuisance, clogging the network with advertising traffic or pestering the user with pop up ads, but often it is used to collect personal information about the user and which sites they are visiting," Firstbrook said.

Antivirus software and Web filters are successful in blocking some spyware content; however, those looking for blocker programs online are advised that some of these install even more spyware.

Gartner analyst Steve Bittinger said for a network to be truly guarded against spyware an organization has to seriously consider personal firewalls.

"People are looking at external perimeter security but that is just not good enough," Bittinger said

"An organisation needs to have a well architected internal security and prevention system as it is difficult to prevent staff members connecting to a network via a PDA or laptop."