There’s been a lot of talk recently about ransomware’s impact on the business environment. It would seem that the central role of this attack casts a shadow over one of the classic villains of cybersecurity: spyware. But a large percentage of today’s attacks suffered by companies today involve this malware. Its risks must not go neglected.
Know your enemy
On occasion, the word “spyware” is used interchangeably with several other types of malware, an error that can lead to confusion. Spyware begins by installing itself on a computer and automatically compiling data from it without the user’s knowledge. This data is then sent to the authors of the attack, with a variety of motives. In addition to gathering information on the victim, it can “hijack” certain functionalities of their computer system, taking advantage of its placement to show ads, redirect to insecure webpages, and carry out other disruptive tasks. Not to mention the data theft that the software was designed to commit, which could range from basic system preferences data to browsing habits, keylogging (putting at risk sensitive credentials), passwords, and bank details. Unlike viruses, spyware doesn’t spread in a “viral” way, but rather sneaks onto the victim’s computer with some other software. Nevertheless, spyware with viral capabilities is becoming more and more common.
What is spyware’s impact?
More than 20% of companies responding to a survey by Cisco reported having been affected by spyware in 2016-2017. According to Cisco, there are three main families: Hola, RelevantKnowledge, and DNS Changer/DNS Unlocker. While the first steals bandwidth in order to sell it, the second installs software without the user’s consent while creating for-sale client profiles. The third one is able to steal personally identifiable information (PII), modify user traffic, and even modify the content being viewed by injecting code “on the fly”. More than 40% of spyware infections tested by Cisco belong to this third family of spyware.
As we can see, spyware is very heterogeneous and acts in many different ways. In general, this type of malware endangers the stability of the system, first by limiting functionality by taking up a computer’s processing space. Second, it opens up a path for other types of malware that could generate even more serious problems. Finally, and most importantly, it is capable of exposing your company’s most valuable data, leading to troublesome situations of industrial espionage and even critical security breaches.
First and foremost, stay protected
Despite the many people that have been affected by spyware around the world, spyware is usually a secondary concern in a company’s security. This common error can lead to severe economic losses, and in the best cases can seriously hinder the efficiency of your workforce. Fortunately, protecting yourself from such malware is not an impossible task. We offer the following pieces of advice to take into account:
- Reject add-ons and software that we do not recognize. This will prevent spyware from being installed by mistake or neglect. We must also be selective with what we install. In fact, as we said, some types of spyware camouflage themselves in other legitimate software, and we ourselves install it on our systems.
- Using a firewall is a useful way to control the traffic that is generated, especially when spyware attempts to send data or make a request to an unwanted service.
- Use active spyware tools that recognize the signatures or behaviors typical of the most common forms of spyware. Other specialized tools, such as Panda Adaptive Defense, monitor in real time the activity of all applications and anticipate suspicious behavior.
- Finally, it is extremely important to keep your software updated. This includes patches for system applications as well as important browser updates.