IPkey.com

information security
 monitoring & management

Information Security Bulletin

February 2003 

Feature Story: Help! Is there adware, malware, spyware, underware, hostile code, slimeware, trojans or keystroke loggers on your systems?
You bet! Over 90% of you have software on your computers that is sending someone you've never heard of information about you. This data can be anything from your web browsing habits to credit card numbers. The collection methods range from legal collection and transmission of data authorized by you, to criminal theft of passwords, credit card numbers and banking data.

But wait, you say, I never authorized anyone to spy on me. Wrong! Many of those 'terms and conditions of use', 'disclaimers' and 'agreements' that you click 'I Accept' on at web sites and with software downloads DO contain authorizations to spy on you. Take the time to read one of these - you will be amazed by what you agree to. So, authorized or not, almost all of you have spyware on your PCs.

If you think that's bad, consider trojans and worms. These little rascals are like 'moles' that can take control of your PC when instructed to do so from anywhere on the internet and turn it into a 'zombie'. Typically, zombies are used to launch Denial of Service (DoS) attacks against major web sites that hackers target for disruption. Your PC itself may not be that important, but hackers will use tens of thousands of zombie PCs like yours to create an overwhelming DoS attack. Of course, any PC that's been infected by a trojan has no secrets. A hacker can get anything he wants, including access to your corporate network if there's a VPN connection.

My clients are amazed when I scan their machines and show them just how compromised they are.  In all my years of tracking computer security issues, I have never seen a problem as little understood or as under-reported as this.

Welcome to the Information Security Bulletin. This is your source for the latest practical information you can use to protect your organization's critical information and network services.


Marcus Clarke

ISB Hot Tip:

Beware of Turbo Tax 2002! Extreme PC, a part of PC Magazine, recently issued an eye-opening exposé of the use of slimeware in Intuit's 2002 Turbo Tax product. It concerns the use of Digital Rights Management (DRM), which is today's incarnation of copy protection. Read it and learn the ugly details of how deeply your PC is compromised when you install software from a 'reputable' vendor.

What's in a name?

In my opinion, one of the biggest hurdles toward wider education about this problem is the confusion over naming. Everyone knows what a computer virus is, but how many have even heard of adware or spyware?

We desperately need a single, catchy name to describe this whole class of software. It's a real challenge because it must describe a broad spectrum of behavior spanning:

- Manipulating what you see (Adware)
- Spying on your web browsing (Spyware)
- Controlling access to your data (DRM)
- Theft of confidential data (Keystroke Loggers)
- Remote control of your PC (Worms/Trojans)

As you can see, there is a wide range of exposure from mild to severe, just like viruses.  So help me out and email me with your ideas for a good name for this problem.  At a Microsoft show last month, they used the term RATS (Remote Access Tools).  Our readers can do better than that!

ISB Takeaway:

Spyware can't be effectively blocked by any single 'silver bullet' solution. It takes a combination of tighter web browser security settings, firewall blocking of ActiveX controls and Java applets, and correctly configured anti-virus software to prevent infection by malicious code. A real-time scanner, such as Lavasoft's Ad Watch, can further monitor and block attempts to compromise a PC.

Even with this arsenal of tools, you will still need to periodically scan your systems. Lavasoft's Ad Aware is what I use, but there are others out there. Ad Aware is a free download, so there's no excuse for not scanning your system right away. Email me how many 'suspicious components' Ad Aware finds on your systems the first time you scan them, and I'll publish the results next month.

More about Adware

Read Michael Tuck's excellent article on Adware and Underware. Learn how the porn industry is the breeding ground for new techniques to manipulate your behavior. It's amazing!

Spam Feedback:

Thanks for the great response to last month's feature on spam. While most of you have received 100-200 spams a week, one claimed over 1500! A few lucky ones only have about 20 a week. Registering at web sites appears to be the biggest single precursor of getting spam, so use a disposable Hotmail or Yahoo account when you register.

The ISB is a monthly email newsletter published by IPkey.com, your source for affordable information security monitoring and management. IPkey.com is part of Meridian Group, a New Mexico-based corporation serving the IT needs of its clients for 14 years. We encourage you to forward ISB to your co-workers, colleagues and friends. To subscribe or unsubscribe to the ISB newsletter, email us at isb@ipkey.com.

Next Month:
Cyber-terrorism: What you need to know about politically motivated hacking, worms, viruses and other attacks.  It's just the beginning.

All contents copyright (C) 2003 Meridian Group Inc.