Just this month the FTC announced it had asked a U.S. District Court in New Hampshire to shut down a spyware operation that hijacks computers, secretly changes their settings, barrages them with pop-up ads, and installs adware and other software programs that spy on consumers' Web surfing. The FTC alleges the spyware operation – a network of sites operated by former “spam king” Sanford Wallace -- violates federal law and asks the court to bar the practices permanently.

How pervasive is spyware? Internet service provider Earthlink announced earlier this month that a scan of 3 million computer systems over nine months found 83 million instances of spyware. Researcher Gartner Inc. has estimated that more than 20 million people have installed adware applications (adware is a type of spyware that reports back on a user’s activities in order to serve up targeted advertising), and this covers only a portion of the spyware that is out there.

A dangerous evolution

All of this recent attention comes as traditional notions of spyware are evolving. Indeed, Gartner in July noted that spyware has evolved -- from simple cookies to a range of sophisticated user-tracking systems. The researcher went so far as to issue a report this summer titled “A Field Guide to Spyware Variations.”

In that report, Gartner observed that, midway through 2004, its clients were seeing a “surge in manifestations” of spyware. Moreover, new methods to snare users are appearing all the time, including greater exploitation of multimedia and mobile and wireless systems. Gartner clients reported that cleanup efforts typically take a few hours; however, in no time at all, the same systems will become infected again.


Gartner’s research underscores a key finding of the latest Symantec Internet Security Threat Report: namely, that these violations are becoming more problematic. The Threat Report found that six of the top 50 malicious code submissions to Symantec Security Response in the first six months of 2004 were adware.

The Threat Report noted that adware packages perform numerous operations, including displaying pop-up ads, dialing to high-cost numbers through the system’s modem if one is present, modifying browser settings such as the default home page, and monitoring the user’s surfing activity to display targeted advertisements. The effects range from mere user annoyance to privacy violations to monetary loss.

Reasons to be vigilant

While the threats posed by these programs may be difficult to quantify, that doesn’t mean they aren’t a security concern to today’s enterprises. Because spyware and adware programs are unauthorized, surreptitiously installed software, administrators have no knowledge of or control over what the programs may be running. For instance, they could be used to monitor users’ browsing habits, constituting a loss of privacy. Most spyware and adware packages are also capable of dynamically updating themselves, often with new functionality that the user is unaware of.