Thursday, April 29

Hidden Spyware : Ignorance is not a bliss

According to the WebSense press release:
92 Percent of Organizations with at Least 100 Employees Have Been Contaminated With Spyware, Yet Only Six Percent of Employees Believe They Have Been Infected

Forty percent of IT managers report the number of spyware-infected workstations has increased in past year, according to Websense survey

According to Websense’s fifth annual Web@Work survey conducted by Harris Interactive®, there is a major discrepancy between employees’ knowledge and understanding of spyware versus IT managements’ findings on the number of corporate workstations that are actually infected. For example, one-third of employees either do not believe, or are unsure, that their computers could be infected with spyware. However, IT management reported that spyware was on the rise—of those that acknowledged they had a spyware infection, forty percent believe that the number of spyware-infected workstations at their organization has increased.

One of the most common ways for an employee to download spyware is by using a peer-to-peer (P2P) file sharing application such as KaZaa or Morpheus. Many P2P users do not realize that by downloading a seemingly harmless mp3 file, it may be accompanied by a spyware application. By connecting users directly to each other to download or swap files, P2P networks bypass normal security barriers and can be easily exploited by hackers to spread spyware.

"Employees are typically exposed to spyware as a parasitic program that is attached to something useful they've intentionally downloaded from the Internet, or been tricked into downloading, or it is surreptitiously loaded by a malicious hacker," said Peter Firstbrook, program manger at META Group. "Most employees don't even know they are infected; however, spyware can be merely a nuisance, clogging the network with advertising traffic or pestering the user with pop up ads; or it can be an invasion of privacy and collect what sites they've been browsing on; or less often, a security threat that records keystrokes or screenshots that reveal confidential corporate information and potentially create backdoors by revealing passwords and user names."

Related Links:

* What is spyware?

* For a list of software tools that can help you detect and remove spyware applications, click here

* How To Remove Spyware From Your Computer

* Fighting back against spyware

* Latest Spyware News on Google News