For starters, let's be clear: Spyware is a widespread problem. A recent report from EarthLink and Webroot found nearly one in three computers infected with spyware of some sort. An earlier survey from the same companies found the average computer touched by spyware typically is crammed with nearly 28 separate instances of it.
One of the challenges of tracking spyware and adware is that, as relatively new problems to deal with, there's little agreement on how to define the problem or the software responsible for it. It even goes by different names: spyware, adware, or malware. So let's try to bring a little clarity to the situation.
What all of these types of software have in common is that, through various means, they become installed on a user's system and perform some sort of background process. That's where things get tricky.
One type of software, so-called adware, is delivered by legitimate companies and in most cases with the express agreement of the user. Here's a typical scenario: A user downloads a piece of software such as a peer-to-peer file-trading application. The user has the option of paying for the software or, alternatively, agreeing to view pop-up ads in exchange for a free version of the software. A couple of clicks and two pieces of software--the P-to-P software AND the adware--get installed on the system.
From that point on, the adware software observes a user's Web surfing and pops up relevant ads based on those habits. The user gets free software, and advertisers get access to highly targeted ad recipients.
So everyone's happy, right? Wrong. In too many cases, users fail to read the fine print or understand precisely what they're agreeing to have downloaded to their systems. In addition, users often end up with multiple adware apps on their systems, the combination of which can cause conflicts or system slowdown.
Makers of adware--including Claria, DoubleClick, Tacoda, and WhenU--strongly contend that they're running legitimate, opt-in businesses and enabling users to get something valuable (typically a software application) in exchange for viewing a few ads. According to Jupiter Research, nearly 12% of companies that advertise online make use of some type of adware software. Whether such ad networks will ultimately survive in their current form remains to be seen (though Claria, for one, recently filed to go public).
Regardless, less-legitimate forms of spyware are likely to continue to proliferate. And they can do significant damage: Malware can change system or registry settings; "hijackers" redirect users or reset home pages to specific Web sites; "dialers" make for-fee calls to online services; Trojan horses sneak unwanted software onto your PC; "collect-ware" keeps tabs on your keystrokes and surfing habits.
The impact on IT should be obvious. While some spyware is harmless, at a minimum it can slow the performance of individual machines or frustrate users by altering the way their browsers work. Badly infected computers can cease working altogether. Most important--and problematic--managing spyware can become a full-time task for IT departments, tapping manpower and requiring the development of enterprisewide policies for reining in its spread and impact.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.