In Depth

Spyware: Scumware Out There

Security vendors big and small are in an arms race to root out spyware and other malicious code, but so far they're all losing.

By Sarah D. Scalet

Every little bit helps. At UPS, Jim Flynn, systems manager for information security, says that awareness training—both for employees and for customers who have UPS-supplied hardware for shipping—has gone a long way toward limiting the amount of damage spyware can do. "We have an extremely strict no-download policy," he says. "People know that if they notice any kind of abnormal installation activity, to notify us and we can take steps to get that corrected."

A true solution, of course, will come only with more thorough, easier to manage antispyware tools. CSOs are in a unique position to make this happen more quickly by putting pressure on vendors to add the capabilities that they need. In fact, observers predict that soon, some of the large antivirus vendors will really start putting their money where their mouths are, and kick-start their antispyware efforts by acquiring some of the boutique firms like Webroot.

Meta's Firstbrook says the market for antispyware tools is appearing just like that for antispam technologies, which saw tremendous vendor consolidation during the past year and a half. He thinks that antispyware functions will be swallowed up into antivirus tools, so users get "one scanner and one cleanup utility." Problem incorporated.

But then, it'll be on to the next thing. "Spyware is the chewing gum of the Internet that sticks underneath your soles," Garigue says. "It clogs up your carpet. It's really messy. Some of it is really nasty, and you need to be able to evaluate the germs you're bringing home."

Other stories by Sarah D. Scalet

• Email
• Print
• Comments
• Digg This
• SlashDot

• The Future of Antivirus
• Teens Charged With Loading Spyware, Changing Grades
• Polymorphic Malware: A Threat That Changes on the Fly