As attention focuses on the increasing spyware threats to enterprise networks, vendors are beginning to view the enterprise landscape as fertile ground for anti-spyware protection.
Webroot Software, a developer of Internet privacy and protection software, recently completed the first audit of spyware in the enterprise. The audit found more than 20 spyware elements per corporate computer.
Another industrywide survey, conducted by Equation Research for Webroot, showed that corporate networks are being bombarded with spyware infiltration in record amounts, but relatively few corporations are taking adequate steps to combat the threat.
According to the survey, more than 70 percent of corporations have expressed an increased concern with spyware, but less than 10 percent of businesses have implemented commercially available anti-spyware software.
To conduct the survey, Webroot used its Corporate SpyAudit tool. This opt-in audit program was designed to scan enterprises for various forms of spyware.
Webroot’s spyware audit of several thousand enterprises revealed that potentially thousands of desktop computers inside large enterprises are infected with spyware, including system monitors or Trojan horses.
Webroot officials said the audit represents the first comprehensive analysis of the presence of spyware within corporate networks. The Corporate SpyAudit scanned more than 10,000 systems, representing more than 4,100 companies.
The auditing process discovered what company officials said is an alarming warning to corporate executives. On average, 5 percent of the PCs scanned had system monitors and 5.5 percent had Trojan horse programs.
Internet security experts agree that these are two of the most dangerous and potentially malicious forms of spyware.
Prime Target for Spyware
The enterprise environment is obviously an attractive target for spyware writers, experts say.
“The enterprise offers a bounty exponentially larger than what the everyday consumer’s PC might surrender to a spyware program,” Richard Stiennon, Webroot vice president of Threat Research, told TechNewsWorld. “Everything from customer information to payroll details to product specs and source code are all potential spyware targets.”
He said that beyond the potential theft of sensitive information, more benign forms of spyware, like adware, cause increased bandwidth consumption and decreased employee productivity.
The proliferation of spyware on corporate computers is getting out of hand, noted Josh Blanchfield, CEO of Tenebril, which is preparing an enterprise version of its consumer level anti-spyware software.
“The focus of spyware is selling to enterprise space. It’s become that bad,” Blanchfield said about spyware attacks on corporate computing.
He said that spyware protection is not the same as virus protection. The people writing spyware have a high expectation of making money.
“We’re finding that more new spyware is coming out faster than viruses,” Blanchfield told TechNewsWorld.
Market Ripe for Enterprise Products
Blanchfield said spyware is currently one of the major concerns for the enterprise. Discussions with dozens of IT managers show that the enterprise space is disappointed with the slow response to spyware threats from antivirus product makers.
“Since the launch of our enterprise edition of SpyCatcher this summer, the inbound demand has been overwhelming,” Blanchfield said. “This has been fueled by frustrated IT managers who are inundated by help desk calls.”
He said the problem is twofold. Adware is slowing workstations to a crawl, while more malicious Trojans and keyloggers present a real security threat.
InterMute, maker of well-respected consumer anti-spyware products, is getting ready to enter the enterprise protection marketplace.
“We have something that we are about to announce, called SpySubtract MD, which is a Web-based free spyware scanner,” Andrew Ostrom, marketing director for InterMute, told TechNewsWorld. Visitors to InterMute’s Web site will be able to click on a button to start a system scan for the presence of spyware. The Web-based audit program will scan only, not clean systems.
A companion product for purchase will be SpySubtract Rx. This product will both scan for spyware and clean infections.
Ostrum said InterMute will begin distributing its SpySubtract Enterprise Edition by the end of this month. IT manages who buy this product will get free access to SpySubtract Rx.
“We are exploring the commercial opportunities for SpySubtract Rx at this time, but we see it as potentially integrating well into public infrastructure access points like hotels, coffee shops with WiFi access, convention centers, etcetera,” Ostrum said.
Publicity Encourages a Cure
Released on October 7 as a free tool, Webroot’s Corporate SpyAudit analyzes individual corporate desktops and provides a real-time report of spyware programs hiding within enterprise networks. The Corporate SpyAudit is modeled after Webroot’s successful consumer SpyAudit program launched earlier this year in conjunction with Earthlink, which has already performed more than 3 million consumer PC scans.
“For businesses that have questions about spyware, the Corporate SpyAudit report is the reliable source of current information about this threat to corporate privacy,” Webroot’s Stiennon said. “By tracking and publicizing the growth of spyware in the enterprise, we can better educate businesses of its risks and encourage them to take steps to protect their networks and the valuable assets therein.”
Spyware is a rapidly proliferating type of software that can track online and/or offline PC activity. It is capable of locally saving or transmitting those findings to third parties, often without a user’s knowledge or consent.
Until recently, Webroot officials said, the enterprise workplace was thought to be virtually impervious to spyware attacks because of the false belief that corporate-level antivirus and firewall mechanisms provided adequate protection against this new threat.
That notion has changed as many enterprises have fallen victim to spyware as hackers have realized the massive economic potential corporate networks present.
Worse than Spam
Tenebril’s Blanchfield said spyware has now surpassed spam as a pain point for IT managers. Spyware is forcing IT managers of unprotected systems to spend all of their time reimaging dozens of computers almost daily.
He compared anti-spyware efforts to past experiences with anti-spam efforts.
“Anti-spam has become a much deeper hole than anyone first thought it would be. We’re finding that same thing to be true with spyware,” Blanchfield said.