Why Spyware Poses Multiple Threats to Security

Thompson, R. (2005). Why spyware poses multiple threats to security. In P. De Palma (Ed.), Computers in society (pp. 121-123). Dubuque, IA: McGraw-Hill.
Unit 6, Article 28

Review by Kim Doyle

In this article Thompson warns us of the growing threat of spyware referring to it as annoying and impacting the computer experience in very negative ways. Thompson also informs us that it poses a very real threat to corporate and even national security. Spyware is software downloaded unknowingly and presents real and pervasive dangers that are not always known. They are also not very obvious. Spyware installs itself silently on a PC where it begins any number of unwanted actions. Among these are "phoning home", where information about a PC user and their computer habits are sent to a third party to use to spam a computer. Another tactic is to capture keystrokes a user types thereby accessing personal information, bank accounts, passwords, etc. While spyware presents this threat to security and privacy, it can also harm computer performance. The addition of spyware can significantly slow down a computer's boot time which if multiplied by the number of PCs used within an organization, can wreak havoc on productivity.

This article points out that thousands of spyware applications are downloaded every day in large organizations in which employees use the Internet. Some of these applications are undoubtedly intended to steal passwords and critical data. Thompson notes that despite its prevalence, it is probably the least understood espionage tactic used today. Also very disturbing is that spyware is used by terrorists to disable computer networks during crises.

Thompson offers some potential solutions. He suggests the first line of defense is education and protection. Anyone connected to the Internet must know they are part of an incredibly complex network. Spyware creators take advantage of this. Organizations such as COAST (Consortium of Anti-Spyware Technology), are being created to make users aware of the spyware threat. The second line of defense presented in this article is disclosure legislation. All applications should be readily identifiable by users prior to installation so that users know what is being downloaded to their systems. The third solution offered by Thompson is aggressive prosecution. Lawmakers should aggressively pursue those who use spyware to disrupt service and steal private information. The final line of defense is planning for spyware attacks and developing responses to them. It is important, notes Thompson, that businesses and government work together to address this issue and develop safeguards to protect the security and privacy of Internet users.

Reaction

I knew nothing about spyware prior to reading this article. It is quite frightening and leaves one with a feeling of being violated. It is a very uncomfortable thought to think that each time I log on to the Internet, spyware users may be accessing my personal information or tracking my keystrokes to tap into my bank account. It is particularly discomforting to learn that terrorists are using spyware to disable computer networks. It makes me want to discontinue posting articles on this blog for fear of creating an avenue for a spyware user to access my information. So I believe I will sign off for now and hope that Thompson's proposed solutions are taken to heart by those in a position to disable these insidious threats.