If your computer has been changing its homepage on its own, or taking you to a different search engine than you wanted, or flooding its screen with popup ads, or running unusually slow, theres a good chance its been hijacked by adware or spyware.
Some estimates claim as many as nine out of ten computers have been infected by adware or spyware. Its more than ironic that so many computers in the advertising and marketing industry have this problem since our industry helped create the technology these threats were based on. Similar in design, adware and spyware began their lives as relatively innocent computer applications designed to collect marketing information. However, they have evolved into something much more problematic.
Adware was initially designed to send your computer popup ads (and steer you towards specific commercial sites on the Internet, whether you wanted to go there or not). The good marketing idea behind this was that by monitoring which Websites you visited, marketing companies could use your browser to display popup ads for products that were related to the sites you were visiting. Once adware programmers realized how easy it was to take control of IE browsers, they extended the ability of adware to reprogram your homepage, open different search engines than you wanted, and take you to Websites you had no wish to go to.
Even worse, taking advantage of the security flaws Microsoft is justly famous for, adware programmers learned how to use Internet Explorer to gain control of the Windows operating system itself, which led to the development of variations of trojan programs called RATs (for remote access trojan). RATS provide hackers with a backdoor to your computer that can be used to make your computer do almost anything they want it to.
In some recent cases, businesses have hired hackers to use RATs to launch attacks on their competitors Websites. The hacker plants a RAT on one or more popular Websites and waits a few days for it to infect a sizable number of unsuspecting computers. The RAT is programmed to log on to the Internet and monitor a chat room for a particular, and seemingly innocent, message that will trigger the RAT. When triggered, the RAT launches a denial of service attack against a specific Website by repeatedly asking for the same page. When this happens, the only indication something is going wrong with your computer is that the computer runs unusually slow.
Spyware is a more dangerous variation of adware; its readily and frequently used for illegal purposes, and its more difficult to detect since its designed not to attract attention to itself. By using a small application called a key logger, spyware can record literally every keystroke made on an infected computer, including what passwords and credit card numbers are entered, and forward that information to hackers on the Internet. Spyware can also be used to collect financial information, like Quicken files.
Adware and spyware have become so common that a variety of free and commercial programs have been created to address the problem. Their quality varies considerably so it pays to research the effectiveness of the programs before using them. Some anti-adware/spyware programs can actually harm computers by mistaking critical operating system files for adware or spyware and deleting them, resulting in a computer that crashes frequently or may not even boot. Beware of the products that are promoted by offering free scans on the Internet (some dont even really scan you computer at all, and some actually install adware themselves).
Fortunately, two of the highest rated anti-spyware/adware programs, Spybot Search & Destroy and Ad-Aware SE Personal, are free and available for download on the Internet. Spybot can be downloaded from www.safer-networking.org
, and Ad-Aware SE Personal can be downloaded from www.lavasoft.de/support/download/
Ad-Aware is also available in a commercial version called the Ad-Aware ®SE Professional Edition for $39.95. It offers advanced features including the ability to detect and delete adware and spyware based on its behavior in addition to definitions of known adware and spyware.
There are several bills pending in Congress to address the adware/spyware problem, including the Software Principles Yielding Better Levels of Consumer Knowledge (SPYBLOCK ACT) (S. 2145), the Securely Protect Yourself Against Cyber Trespass (SPY ACT) (H.R. 2929) and the Internet Spyware Prevention (I-SPY ACT) (H.R. 4661). While well intentioned, none of these bills would be able to prevent adware and spyware initiated from outside the United States.
In the foreseeable future, the only protection businesses will have will be using defensive software and limiting Internet surfing and downloading by employees (especially the downloading of games by kids visiting their parents at work).
Both Spybot and Ad-Aware should be installed on every PC your business has connected to the Internet, and as soon as possible. In addition, other top rated commercial defensive software considered. Most good anti-adware/spyware programs will catch most problems, but not all of them, so its a good idea to use more than one anti-adware/spyware application and update them frequently. These days, businesses cant afford any adware or spyware infection.
Businesses counting on Norten AntiVirus alone to keep their computers safe are putting themselves at great risk. Unlike viruses, spyware and adware are much larger and more sophisticated computer programs, and Norton simply wasnt designed to take on threats like these.
A good site to visit to keep up to date on adware/spyware issues is the Website of the Alliance of Security Analysis Professionals http://www.a-sap.org/
. If anything, the problem will get worse before it gets better. With a reasonable budget, the technology behind adware/spyware could be extended and used to launch a major attack on US e-commerce that would cost billions of dollars and take months to recover from.
If any good is to come from the development of adware and spyware, it would be that our industry is reminded that technology is always a double edged sword. The negative consequences of a new technology are rarely considered, even if the negative consequences are likely to be unavoidable and extremely expensive. To paraphrase an old saying, countries that trade security for quick profits are likely to find themselves left with neither.
Glen Emerson Morris has worked as a technology consultant for Network Associates, Yahoo!, Ariba, WebMD, Inktomi, Adobe, Apple and Radius, and is the developer of the Advertising & Marketing Review Data CD.