The Spy Who Loves You

Bond. James Bond. He’s the ultimate British spy who hunts down nasty villains. But wait; is he really the ultimate secret agent? Well think again, because the world of technology is full of spies designed to get more information out of you than James Bond ever could. In fact, these spy programs even have an insidious name just like a Bond nemesis; Malware. This is an abbreviated form of the words “malicious software.”

Malware is a catchall phrase for a variety of software. Anti-virus programs are designed to catch the more visible forms of Malware such as viruses and worms. However, it’s important to recognize that Malware really covers a broad range of “unwanted programming code” that could violate or be harmful to the integrity of your organization’s technology security.

Arch Enemies of PCs

RATs, crackers and sniffers, browser hijackers, spyware and adware. Sounds like a group of thieves and cutthroats doesn’t it. Well you’re right. In many ways they are criminals of a sort. They can steal your privacy and security away from you at home or at work. They can fill your screen with unwanted ads and porn. They’re intrusive and generally unwanted. So what are some of these software thievery programs? There are a lot of them, and for space reasons, we’ll focus on just a few in this article.

RATs (remote access Trojans) are programs that allow unauthorized network access once it’s installed on a user’s computer. These programs can infect a machine via an email attachment or sometimes through a website download. RATs can open up a hole in the firewall of your computer or network so that someone from outside your home or organization can access your system(s). Obviously, the last thing you want is to give an outsider access to information or the ability to destroy your data with some well-placed technology viruses.

Crackers and Sniffers. Sounds like a safe cracker with a dog doesn’t it? Well in a manner of speaking that analogy works. In the right hands, these programs are tools to sniff out and crack security holes or weaknesses in an organization’s network and/or systems. However, in the wrong hands, a person working inside an organization can easily spy on colleagues or gain access to password-protected areas. The one difference here is that crackers and sniffers don’t run automatically. A user has to install and turn it on for it to work, and it doesn’t transmit information back to a remote server outside the organization’s network.

You’re Being Watched

Spyware; just the name says someone’s watching you. Falling under the Spyware umbrella is adware. You’ve seen it; you just might not know it for what it is. Adware is the primary culprit for a great many of those annoying popups.

Spyware along with adware is software that sends data back to a third party (usually an advertiser or marketer) without asking you permission.  It monitors your computer usage and sends that information back to a third party without your permission. It does this while you’re surfing and reduces your browsing speed. Having trouble loading a webpage when you have a cable modem? Spyware is often the culprit. Spyware also consumes the resources on your computer (memory) and slows the PC down. It can crash your computer, it costs you money and it invades your privacy.

Although there are instances where the software is loaded onto the computer without the user’s permission, such as by visiting a website that arbitrarily loads the spyware, most users agree to the download. While you might not remember agreeing to anything, your agreement is spelled out in the website’s terms and usage policies that you have to agree to before accessing the good stuff. Naturally, most people don’t read this find print; we just mark that check box and keep on surfing.

In many cases, unsuspecting users download spyware thinking they’re getting something useful. Have you heard of Gator? It’s promoted as “free” password storage software. With the need for security increasing across the Internet, many people have multiple logins and passwords. Gator claims to help you out by providing you with a “free” software package to keep track of your logins and password.

The problem is most people don’t know it’s spyware because they don’t read the fine print. Just remember that there’s no such thing as free; there’s always a price to pay. If someone is offering you a free Internet service, in many cases there’s adware or spyware attached to it.

If you want spyware-free, password storage software, there are reasonably priced packages out there. My personal choice is RoboForm, which has the recommendations of the Wall Street Journal, Kim Komando (Digital Radio Show) and PC Magazine as well as other well respected sources.

Another type of spyware is the browser hijacker, or more commonly called hijackers. These programs are one of the most insidious pieces of software to hit your PC. The name says it all it. The software hijacks your browser, and sets your home page to a different website, mainly porno sites. In many cases, the software prevents you from being able to change those settings back to what it was.

The browser hijacking software also spies on your browser activity, invades your privacy and you’re continuously flooded with popups. In most cases, the popups are of the pornographic kind, and the software is almost impossible to eliminate from your system. One current version flooding the Internet now is called CWS (CoolWebSearch). This particular hijacker has several variants in play that easily shuts down Spyware/Hijacker removal software so that you’re literally held hostage because you can’t remove the spyware.

Protecting Your PC

When it comes to spyware removal, there are too many products to examine here, but some of the top names include SpyBot, Spyware Eliminator. PC Magazine has done a recent review of spyware removal software. You can view a summary of these software’s at http://common.ziffdavisinternet.com/download/0/1986/SpywareFeatures.pdf (This link is no longer available.)

So what other steps, besides spyware removal software, can you take to keep your computers and networks safe from Malware? Well, common sense is a good rule of thumb here. Build security policies and stick to them. Educate users about Malware. Ensure they understand how their computer and work can be impacted if Malware gets on their machine.

Some tips to save any PC user headaches include refusing any downloads that are offered by a website the user visits. In many instances, spyware is bundled in with the download. If a website asks the user to set a particular webpage as their home page, say no. Generally this indicates a website that will download spyware to the user’s PC.  One of the most important tips is to update Windows on a regular basis. The most recent versions of the Windows operating systems can be set to do updates automatically.

So the next time you run into your arch enemy, Malware, act like James Bond and smoothly stop the enemy by becoming knowledgeable and implementing a plan to stop Malware in its tracks.

_____________

09/16/2004
Roanoke County Information Technology
Kathi B. Scearce, PR Manager