Spyware Fades to a Dull Roar, But Targeted Attacks LoomBy Matt Hines | Posted 2006-07-20 Email Print
News Analysis: Analysts agree that most enterprises have reached a point where they can effectively block many forms of spyware, but targeted attacks at specific companies and the need to further integrate security technologies are both keeping bus
Much as in their battle against unsolicited spam e-mail, enterprises are having success in reducing the impact of spyware programs, but a new breed of targeted attacks combined with a constantly changing array of delivery methods has kept the malicious code on IT administrators' radar.
With Internet phone specialist Vonage recently coming under attack from security researchers for its advertising practices, for which it has been accused of funding nefarious adware providers, and social networking site MySpace.com becoming the unsuspecting delivery tool of other malicious code writers, it is clear that spyware remains a real threat.
However, industry experts concede that most large businesses have become sufficiently mature in their efforts at blocking out mainstream spyware attacks.
The challenge for enterprises moving forward, analysts say, will be in warding off spyware attacks crafted by organized criminals that are specifically aimed at their companies, or smaller groups of businesses, and pulling together disparate security technologies to help fight so-called blended threats that use spyware along with other malicious programs to help find new ways onto corporate networks.
Ben Edelman, a well-recognized spyware researcher and consultant based in Cambridge, Mass., said there is debate over whether the volume of spyware programs has been reduced, but he considers those statistics unimportant in the face of more-targeted attacks motivated strictly by hackers' ability to generate income.
Another emerging spyware delivery method has arrived in the form of freely distributed Web browser applications that serve primarily to direct end users to sites that harbor spyware, such as the so-called Safety Browser attack unearthed by researchers in May.
"In general there have been small downturns in the number of spyware attacks, but the numbers were also preposterously high as it became such a popular area over the last few years," Edelman said.
"The interesting development of late has been [malware writers] shifting their primary focus to new ways of delivery; the rise of anti-spyware programs and Microsoft's distribution of security updates has improved the landscape somewhat, but you also have people finding sound business models for making money off spyware, and they won't stop until the money goes away."
Whereas the spyware programs of days past were largely scatter-shot attacks meant to draw in anyone gullible enough to download their code or visit the Web sites they were hidden on, Edelman said that increasingly organized groups of malware writers are shifting their attentions toward ripping off specific firms, and their customers.
Along with well-known attempts to dupe users of popular sites such as eBay and Google, researchers claim they have come across programs that were aimed at customers of small regional banks and other lesser known businesses.
Read the full story on eWEEK.com: Spyware Fades to a Dull Roar, But Targeted Attacks Loom