The Business threat from Spyware

Anyone who uses a modern computer today is aware of spyware. To most people, spyware is a petty annoyance generated by less-than-ethical advertisers, search engine designers, software distributors and hardware manufacturers. Spyware is used to track, record and report activities of interest to third parties, usually without the consent or knowledge of the persons being monitored. Casual home computer users rarely need to worry about spyware; however, in business applications, spyware can be used to devastating effect by the competition’s corporate spies and analysts.

Spyware Identification and Some Simple Solutions

Anthony Ricigliano Spyware is generally encountered in three major distinctive forms: Hardware, firmware and software. All three types have various characteristics which can make defeating spyware difficult.

Hardware Spyware

An example of hardware spyware is the unique identification number of an Intel Pentium or later class of CPU. This number can be used to specifically identify any CPU. When combined with appropriate software, this number can be directly linked to an IP address and the precise location – if not the exact user – can be determined. The solution for this problem is using computer motherboards with BIOS setting that are capable of disabling access to those numbers. The solution for hardware devices can be complex, as most firmware and hardware is designed not to be detected nor disabled.

Firmware Spyware

Anthony Ricigliano Firmware Spyware is semi-permanent software running at the machine hardware level. The BIOS CMOS chip is where it usually resides. Most is relatively innocuous; however, someone with malicious intent can replace the BIOS with a custom-made copy which can contain code to enable access to the computer. The best defense is to use factory-authorized and distributed firmware.

Software Operating System Spyware

Software spyware can exist in either the operating system or in applications. An example of operating system spyware was the recent disclosure of an operating system file that was inaccessible to casual users that recorded the GPS locations of where the device was physically located through its existence. The Apple iPad tablet and other similar PDAs used similar technology. After the spyware was brought to the public’s attention, the manufacturer quickly released a patch to the operating system that disabled the file.

Applications Spyware

This is code embedded within a program which can track and report a user’s activity. Typically, a file is generated within the application’s limited access areas, however, cookies can also be generated such that when the device is online, the recorded data – often in an encrypted form to hide its nature – can be accessed with ease. In theory, the EULA is supposed to disclose any use of data derived from use of an application, however, the legal wording is tedious to follow and it is almost universally ignored by the user installing the application. There are a number of spyware scrubbers available for retail sale that can clean up residual traces of activity and help ensure some modicum of privacy. But, as with any other software backup system, it is only good when it is regularly and routinely run.

The Business Challenge

Awareness and education are the critical components of fighting spyware. It is insufficient to simply install a software application and rest assured in the knowledge that the computer is protected. It is not. It would do absolutely nothing to prevent a spy from installing a wireless hardware keystroke logger into a keyboard and downloading a complete log of all of the keyboard activity on demand and by remote control. Passwords, account numbers, sensitive corporate data all would be compromised. Physical security, situational awareness and constant vigilance are a business’s best and only adequate defense.