With its potential for being used to do corporate espionage, spyware presents a security threat to more parts of a company than many CIOs might realize.

Wide Open

The spyware-espionage connection was fully illuminated at the end of May when an Israeli author, Amnon Jackont, came upon parts of his unfinished book on the Internet. Since Jackont had not shared the work with anyone, he called the police and found out that it was stolen by his former son-in-law, who had used the "Rona" Trojan horse program to swipe it.

The resulting investigation of the son-in-law's computer revealed scores of other affected computers and companies, with victims that ranged from top executives in the country's telecom industry to the local division of Hewlett-Packard .

Dubbed "Trojangate," the incident resulted in nearly 20 arrests, with some reports indicating that there were hundreds -- perhaps thousands -- of documents stolen from multiple Israeli firms. About 100 servers containing stolen data have been seized and are being investigated.

Target Practice

Discovering the prevalence of espionage via spyware is a tricky endeavor. Many targeted companies might be unaware of such activities, and those that find the spyware programs might not want to talk about it.

There have been some widely reported incidents, though. Webroot Software has noted that some banks in New York were targeted last fall by a program designed to obtain passwords and infect only specific financial institutions.

Also in 2004, MessageLabs came upon a Trojan horse created for the purpose of attacking a type of software used in airplane design.

Spy Plus

Although incidents like these are rare at this point, security experts believe the activity is prevalent enough to cause concern. "I think it would be criminally naive to assume that only those companies that have been publicly identified were nailed," said Roger Thompson, director of malicious content research at Computer Associates.

Attackers have gotten savvy enough to learn new ways to use keylogger programs, which record keystrokes on an unwitting user's computer. The programs can be used to get passwords, read e-mail or simply keep track of a user activity.

Spyware writers also can use Trojans to gain remote access to a computer and execute code, which allows them to find information on a specific drive or within a network . (continued...)

1  |  2  |  Next Page >