Warnings raised on spread of spyware

By Matt Whipp

Posted on 9 Nov 2005 at 15:45

The threat of spyware continues to grow, according to the latest State of Spyware report issued by Webroot today.

The report claims that average home computer in the UK is infected with 18.1 instances of spyware, giving the UK the highest concentration of spyware infections in Europe, and puts it third on a global scale, behind the US, with 24.4 infections on average, and Thailand, with 18.7.

The survey showed that an average of 72 per cent of home computers were infected, down sequentially from the previous quarter's 83 per cent and last year's high of 92 per cent.

Webroot puts this drop down to greater consumer awareness of the issue, which in turn lead to legitimate companies being more careful about the tracking mechanisms they use, ensuring their cookies and so on stay the right side of the spyware definition.

Better education has also meant greater use and availability of antispyware software and this, coupled with the rapid formation of legislation has resulted in a general decline from the unregulated 'gold rush' of last year.

However, it's not the good news it appears. While the high profile of the spyware phenomenum has curbed the numbers, the spyware that is being seen is growing more insidious in nature, as those that continue to create the code are the less scrupulous.

Infection rates for Trojan horse programs, which often give an attacker control over the computer even as far as installing further malicious software, have steadily risen quarter on quarter since the end of 2004. The rate currently stands at 1.7 infections per home computer.

At an enterprise level, businesses have all this to contend with and more. The survey showed that eight per cent of system scans turned up spyware infections. Businesses are responding to the threat. Some 68 per cent say they are using antispyware protection at the desktop, with a further 21 per cent planning to do so, and 44 per cent say they have protection at the gateway. But the remainder are relying on existing firewall and antivirus deployments as their spyware defence.

Not good enough, says Webroot. Those distributing spyware are increasingly turning to polymorphic code and rootkit technologies that can result in antivirus software not recognising the malicious code or hiding it completely. To their credit, antivirus vendors are updating their software to adapt to the rootkit threat, but only some currently offer this detection.

'System monitors and Trojan horses pose the most significant threat for online users, especially for enterprises,' said C. David Moll, CEO of Webroot Software Inc. 'Spyware purveyors use these types of spyware to infiltrate a network or an individual PC to steal the very data that corporations work hardest to protect - customers' financial records, for example.'

But the real incentive to crack the spyware threat for businesses is the legal imperative - particularly in the US where legislation is far more developed. 'If your enterprise is attacked by spyware, you are not just a victim: you also are a potential defendant. Today's legal environment makes businesses responsible for failing to prevent foreseeable attacks, including spyware attacks, that result in harm to consumers,' claims the report. 'Failure to take spyware seriously may expose an enterprise to substantial risks, including prosecution by the FTC or non-compliance with HIPAA or Gramm-Leach-Bliley Act.'

For more information, visit Webroot's website.