By Will Sturgeon, 28 January 2005 16:25
NEWS Companies are failing to protect staff and critical systems from the often unseen menace of spyware on their networks.
According to the findings of a silicon.com poll only 38.4 per cent of respondents expressed confidence that their company has done enough to protect from spyware.
With so much spyware in existence, many of those respondents may even be kidding themselves but the majority of respondents openly admit businesses are failing to get to grips with the problem.
A worrying 29.5 per cent of respondents said their companies have done nothing to warn of the threat of spyware or protect users from it, while 23.2 per cent said individuals must look after themselves suggesting only the threat-savvy will be safe.
Perhaps more alarming still, nearly one in 10 respondents still don't know what spyware is, despite widespread coverage of the threat on services such as silicon.com as well as in some mainstream media.
David Jemitus, head of IT at the Government Planning Portal, told silicon.com that companies may need to be stung before they'll react.
"Many organisations don't seem to worry about spyware until they get examples where it has caused problems," he said.
silicon.com's CIO Jury this week also revealed a lack of confidence among senior IT professionals that the problem is under control.
Roger Thompson, director of content research for CA's eTrust Pest Patrol and Anti-Spyware solutions, said spyware has been Dell's number one tech support issue since December 2003 and is Microsoft's number one cause of system failure.
It also poses a serious threat of identity theft as well as acting as a source of potential data leaks, yet businesses appear unable to get their heads around the gravity of the situation.
Thompson said: "You can pretty much go into any company and onto any computer and there is a lot of nasty stuff on there."
Phil Young, head of IT operations at Amtrak, told silicon.com a clarifying of terms is also necessary in order to fully understand the threat.
"I do not believe that organisations have a full handle on spyware threats and it is hard to determine what can and cannot be considered to be spyware," he said. "Some applications need to run cookies and applets and this in itself can be considered to be spyware."
Comments
There are 4 comments. Join the discussion
1. anonymous
If you are so concerned about spyware, why do you have at least six versions of doubleclick on your web site?
(Ed note. While editorially we do advise against the unwitting downloading of any spyware applications we do also draw distinction between benign applications such as adware and traffic monitoring tools and malicious applications. We also advise the user to be aware what they are downloading onto their machines at all times, which is obviously what you have done. Well done, hopefully other users will do likewise and spot when websites are downloading malicious code onto their machines. Such vigilance is important, but in order to exist online and in order to keep the web working there will always be companies who use services such as doubleclick and which require the use of cookies in order to improve the user experience. There must be an appropriate balance, but users should define their own permissions. If you really have a problem with doubleclick then you must let your conscience vote by not visiting silicon.com.)
2. anonymous
Benign Adware. I think Microsoft lists as malicious software any code that purposely limits the functionality of a system.
There are a number of adware programs out there that do exactly that. Every program that makes modifications to a system to hi-jack any of the features of Internet Explorer (Home page, Search Feature... etc) is being malicious.
Adware: a program, or system modification, that serves ads to the users of a system. ie: Cool Web Search, malicious
Spyware: a program. or system modification, that serves to gather information about browsing habits to be transmitted to or harvested from an external server. ie: Doubleclick tracking cookie, relatively benign
The real problem is not with either, it is with the fact that they never seem to be tested for compatibility with other adware/spyware programs and if enough of these programs are loaded onto a system, no matter how benign they are, the system will not work. see Camel, straw that broke back.
3. Karen Challinor
Coolwebsearch shredder - http://www.intermute.com/spysubtract/cwshredder_download.html
Lavasoft adware removal - http://www.lavasoft.de/
Spybot search and destroy - http://www.spybot.info/en/index.html
I just use spybot myself at home and never had any trouble, the authors do need support though so if you use it please send them a donation
4. Phil Tarbrook
There is a Free removal tool at Lavasoft for the Home user called Ad-Adware SE
I use this in conjunction with yahoo's incorperated in there toolbar.Very suprised at the % of people that dont even know what spyware is ......!!!