The number of tools available to combat spyware is growing, and they're getting more effective. They're offered by software vendors that specialize in standalone spyware-removal apps, such as offerings from PestPatrol Inc. and Webroot Software Inc., which have apps to scan and remove spyware. And antivirus vendors such as Symantec Corp. and Network Associates Inc. have begun adding spyware-detection and -removal software to their antivirus apps.
Spyware also is attracting the attention of politicians. Lawmakers are expected this year to introduce a new version of the Safeguard Against Privacy Invasions Act, a bill to prohibit spyware. Reps. Mary Bono, R-Calif., and Edolphus Towns, D-N.Y., have been working with privacy-rights groups and the IT industry to refine the bill. One of the primary goals of the act is to direct the Federal Trade Commission to prohibit the installation of spyware on computers used by financial institutions or the federal government, unless the user first agrees to the snooping.
Another trend that experts expect to see this year is more spammers making use of virus-writing tools and techniques. Spammers are using the tools of virus writers to anonymously send their ads. Vincent Weafer, senior director of development at Symantec, says spammers will continue to use viruses and Trojan horses to infect computers so they can then use those machines to anonymously send out waves of E-mail. "They're now turning to home-user and small-business systems," Weafer says. "They're hijacking tens of thousands of vulnerable systems and turning them into anonymous spam mailers."
More than 65% of the spam messages intercepted by E-mail security firm MessageLabs, which filters spam and viruses for companies, are sent from PCs that have been hijacked by spammers and transformed into spam relays, the company reports. This trend came to light with the Sobig.F virus. At the peak, MessageLabs says one in every 17 E-mails it intercepted contained a copy of the Sobig.F virus. By Dec. 1, it had stopped more than 32 million E-mails infected with the virus.
Many security experts believe the writer or writers behind the Sobig.F virus were actually spammers or working with spammers, looking to use that virus to infect thousands of machines that could then be used to anonymously blast millions of spam messages. The technique keeps spammers' identities secret and can also sidestep black lists used by Spam filters. Sobig.F's success will likely lead to similar outbreaks.
Another relatively new and growing danger: peer-to-peer networks and instant messaging. Expect virus writers and snoops to start exploiting the popularity of peer-to-peer networks, such as Grokster, Kazaa, and Morpheus, and instant-messaging services offered by America Online and others.
Any company with employees using peer-to-peer file-sharing networks is inviting trouble. Consider the following experiment conducted by Bruce Hughes, director of malicious-code research at TruSecure Corp.'s ICSA Labs. He set up a crawler program on Kazaa and other peer-to-peer networks, scanning for popular file types using keywords such as sex and antivirus. Hughes says 45% of the files he downloaded contained malicious applications. "If you're downloading files from these networks, you're going to get infected with something," he warns.
Almost all the big attacks last year were aimed at Microsoft PC and server software. This year, new threats will appear aimed at emerging operating systems and devices, such as Linux, handheld devices, and smart cell phones. "We'll see a cell-phone virus. It's almost a certainty," says David Perry, global director of education for antivirus and content security firm Trend Micro Inc. "We'll also probably see a virus designed to spread over wireless LANs. We just don't know when; it could be this year or it could be five years."
Linux is more susceptible to attack because it offers increased functionality and more users are using a graphical interface such as Lindows, which makes Linux easier to run, says TruSecure's Hughes.
Still, most experts agree that Microsoft will remain the target of choice for worm and virus writers, at least for the short term, because of its market dominance.