Computer Security: Israeli ISP Has a New Weapon to Fight Spyware

Spyware is responsible for all kinds of nasty computer problems; it can log keystrokes, install adware, communicate with hackers and make itself impossible to uninstall.

It also raises support costs for Internet service providers. At Internet Gold, which provides Internet and telecommunications services to businesses and home users in Israel, spyware—software that installs itself without permission, sometimes by tricking users into clicking on something—was one of the biggest reasons customers called technical support, according to marketing manager Tomer Sharon.

Often, customers didn’t understand why their PCs were running so slowly, he says. And after the help desk ruled out problems with broadband or the local loop, they were often startled to learn the cause.

“How do you tell a customer they have spyware? It’s scary!” he says.

Internet Gold already sells products and services to protect businesses against spyware. The products are made by Aladdin Knowledge Systems, an Israeli security vendor. But the ISP wanted a service to sell to home users and small businesses—companies with a small network and nobody to manage it. The service had to be easy to use and inexpensive enough that customers wouldn’t balk at paying for it.

The company offers a good case study on how a company can deal with this growing problem.

More than two-thirds of spyware exploits originate in the United States, according to a report released in August by Webroot Software, a security vendor in Boulder, Colo. For the second quarter of 2006, infection rates among home users climbed back to 2004 levels, with 89% of PCs infected with some type of spyware.

Meanwhile, 40 companies reported spyware security breaches to Webroot, and corporate infections caused by two types of spyware—Trojans and system monitors, such as keyloggers—have remained steady throughout the year, despite Webroot’s estimate that 70% of companies already use some form of spyware protection. The report says spyware writers are getting better at concealing their code on victim PCs.

For Internet Gold’s home and small-business customers, Aladdin diverts their traffic through a device in the ISP’s data center that inspects application protocols such as FTP and HTTP for spyware. The vendor has a team working 24/7 to identify spyware Web sites, communicate with other security vendors, and study spyware behavior and code.

“We know spyware uses certain components in the code to open connections back to a server, so when we analyze new spyware, if it looks like a dog and walks like a dog, it probably is a dog,” says Aladdin vice president Shimon Gruper. He says false positives are rare.

Aladdin’s service blocks known spyware Web sites; inspects HTML on Web pages that subscribers visit to detect and block drive-by attacks; prevents downloads or communications by suspected spyware or other malware; and patches security flaws in Microsoft Internet Explorer before Microsoft does, according to Gruper.

Internet Gold spent around $40,000 developing the service, which it calls Safety Net, and started selling it in February. Customers pay $2 a month. By August, Safety Net had more than 60,000 subscribers and had more than paid for itself. It is now one of Internet Gold’s most popular services, and provides revenue at a time when prices for basic Internet connectivity are falling.

Aladdin is now trying to sell its anti-spyware service to American ISPs, but sales are going slower than they have in other countries such as Thailand, according to Gruper. Those ISPs see spyware protection as something they can sell, he says, while ISPs in the United States want to give it away to all existing customers because they don’t think many people will pay for it.

However, Gruper thinks Aladdin can sign up its first ISP in the United States by the end of the year. Once Internet Gold started offering the service, other Israeli ISPs wanted it, too, he says. The same was true in Thailand. Gruper hopes the U.S. will follow along.

More Stories