In Depth
Spyware: Scumware Out There
Security vendors big and small are in an arms race to root out spyware and other malicious code, but so far they're all losing.
By Sarah D. Scalet
November 01, 2004 — CSO — Maybe I clicked "no" in a dialog box that I ought to have closed, or installed a bogus version of a browser plug-in. Maybe I just visited the wrong website on the wrong day, and with my Web browser's unwitting compliance became a victim of a drive-by downloading of rogue software. Whatever the case, my punishment was brilliant and unstoppable. The spyware hijacked my Web browser and bombarded me with pop-up ads, even when the browser was closed and the network connection was unplugged. It made dubious offers of antispyware tools that would supposedly clean my system, yet hid from three legitimate cleaning tools and my antivirus software. It resisted my attempts to close it from the Windows task manager or delete it from the startup file. Applications ran grindingly slowly, and my system crashed so often that it was rendered useless. Whenever I thought I had the monster killed, it reared its ugly head again.
Finally, my company's IT technicians threw up their hands and reformatted my hard drive, mystery unsolved.
Along the way, something happened to me that observers say has happened to a critical mass of even the most security-savvy computer users over the past six months: Spyware became not just a nuisance but a plague that brought my productivity to a screeching halt.
"In enterprise, the guys are telling me that as much as 25 percent of their desktops at any time are affected by increasingly destabilizing software," says Peter Firstbrook, an analyst at Meta Group. "It's their number-one help desk issue."
"We have evidence that [spyware] is at least partially responsible for approximately half of the application crashes our customers report to us," Jeffrey Friedberg, Microsoft's director of Windows privacy, told Congress last spring—and you know that's a lot of application crashes. "It has become a multimillion-dollar support issue."
"We've never seen malicious code to the level we've seen in the last six months," says Ed Skoudis, author of Malware: Fighting Malicious Code. "It's just exploded."
Unfortunately for CSOs, there simply isn't an automatic or foolproof way to make sure their companies' computer systems aren't infected with this type of malware. Antivirus vendors are still figuring out how to change their business models to encompass the threat, and antispyware boutique firms are struggling to roll out enterprise versions of their consumer-oriented products. Legislation and case law are only just emerging, even as the companies involved hurl lawsuits at one another faster than you can say "reboot." Meanwhile, creators of spyware and its trickster cousin, adware, are developing versions of their wares that are so elusive and pervasive that they've earned a nickname: scumware.



