Reports of the demise of spyware have been greatly exaggerated. A survey conducted since January, which pointed to a decrease in spyware over the last quarter, had been interpreted as a sign it was beginning to come under some control. Not so, say Webroot, conductors of the survey.
“There has been some misinterpretation of the recent Earthlink/Webroot survey of spyware infections,” said Richard Stiennon, vice president of threat research at Webroot. “The decline in the survey might be attributed to a myriad of reasons.”
One of the reasons put forward were the hurricanes that recently affected the southern half of the US. It has been widely reported that the instance of spam dropped as a result and it could have had the same effect on spyware. “We see no reason why spyware numbers can’t be affected too,” said Stiennon.
The survey actually highlighted 83 million instances of spyware at an average of 25 per PC since the start of the year, with significant rises until the hurricane season.
Unwanted and malicious spyware is becoming an increasing problem for companies who spend a great deal of time trying to rid it from their systems. “It’s difficult to quantify the spyware problem,” said Richard Cross, information systems security officer at Toyota. “But in one lunch hour 66 connections were attempted and we only have about 2000 users. It’s a serious issue.”
Companies face difficulties, not only through the increased sophistication of attacks but also from a lack of awareness amongst users. “There’s a tightrope to walk between how much privilege users want, and the restrictions needed to make the system safe,” Cross said.
And even in the instances where spyware is detected, it’s not easy to take action against it. “We really have no confidence in the legislative procedures involved in dealing with spyware. It seems to be created without any regard for the law,” Cross said.
As a result of the threat Toyota are conducting a technical review of user privileges. But Webroot warn that the problem is likely to worsen. “Spyware continues to grow more sophisticated and more dangerous each day. It takes only one key logger to capture a consumer’s PIN number and only one Trojan to pose as a benign pop-up and start transmitting data to criminals. This menace is still very real,” Stiennon said.