In-Depth

In Brief

Charting spyware growth, identity theft at universities, safer Web browsing

• By Mathew Schwartz
• 12/15/2004

IDC Charts Spyware Growth

Adware, malware, scumware: whatever you call spyware, it’s annoying at best, and at worst, extremely damaging. End users’ personal information is especially at risk, as is proprietary corporate information.

The need to identify then eradicate spyware, predicts research firm IDC, will propel the anti-spyware market from $12 million in 2003 to $305 million in 2008.

“Today, more malicious spyware can easily infiltrate corporate firewalls,” says Brian Burke, research manager of security products at IDC. “These programs make their way into the corporate Intranet under the guise of less-threatening network traffic and, once in, they can wreak havoc.” IDC estimates 67 percent of all PCs—though many of them consumers’—are infected with spyware.

Spyware infestations aren’t going away anytime soon, but at least organizations are starting to recognize the problem. In a recent IDC survey of over 600 organizations, spyware ranked as the fourth-greatest threat to network security.

- - -

Universities at Risk

When it comes to hacking into networks and stealing personal information, everyone’s at risk—some networks more than others.

To the top of the list add large educational institutions. “Universities present a growing area of concern for the security industry because of the openness of these systems and the large numbers of users,” says Jon Oltsik, a senior analyst at the Enterprise Strategy Group. “By infiltrating these networks, malicious hackers gain access to social security numbers, credit card information, home addresses, and other personal information.” He also warns of the potential for damage from universities’ network tie-ins to private-industry business partners.

Insider attacks are an especial threat for universities, says Jonathan Bingham, president of security software vendor Intrusic, since universities must balance ISP-like easy access with security. Bingham says for 2004, there were an average of two known, major compromises at university networks per month. In October, for example, a hacker may have stolen—authorities are still uncertain—a database containing personal information for 1.4 million participants in California’s In-Home Supportive Services program, when a University of California at Berkeley researcher’s computer was hacked.

Oltsik predicts such attacks will increase. “Because cyber criminals recognize the opportunities universities present, the number and frequency of breaches point to more of these attacks in 2005.”

- - -

Safer Browsing in 2005

Shopping for Internet Explorer alternatives? That browser, heavily targeted by attackers because of its known vulnerabilities, has been hammered by security researchers this year as well, with many advocating companies switch to a more-secure Web browser.

Users bear the brunt of browser vulnerabilities. According to MailFrontier, 750 million phishing e-mails will be sent between Thanksgiving and Christmas this year. At least some of those will successfully dupe users into disclosing personal information, or visiting a Web site able to take advantage of known browser vulnerabilities to install spyware on PCs and steal personal information.

In Britain this year, about 2,000 customers filed with the Association for Payment Clearing Services to reclaim roughly £4.5 million ($8.7 million) worth of goods and services falsely charged in their name. Experts estimate actual damages in the U.S. this year will come to billions of dollars.

One more-secure browser option is Deepnet Explorer. The latest version, 1.3, includes a feature—one of many—lacking in Internet Explorer: protection from phishing scams via a “phishing alarm.”

It works “by using both a blacklist of known phishing sites and by analyzing the URLs and Web sites, says Yurong Lin, CEO of Deepnet. “For example, it will be able to detect insecure Web sites that are forged to look secure—used in some phishing scams.”

Such technology is also available as a free Internet Explorer add-on via the eBay toolbar. The technology, known as Web Caller-ID, is from Austin, Texas-based Wholesecurity Inc.

E-mail program Eudora 6.2 has similar functionality, albeit for e-mails. In Eudora, a ScamWatch feature analyzes links, flashing a warning when there’s a discrepancy between the site displayed and the actual site to which the link refers.

This type of technology won’t stop every phishing attack. Some spyware, for example, steals information users enter when at legitimate Web sites. Still, any anti-phishing technology could help.

Related Articles

Web Caller-ID Arrests Spoof Sites
http://www.esj.com/security/article.aspx?EditorialsID=1087

Heading Off Phishing Attacks
http://www.esj.com/security/article.asp?EditorialsID=1035