In pilot testing for a new anti-spyware service, net security company ScanSafe found spyware was a growing problem and infected machines were constantly sending information unbeknownst to the user. The problem is caused by spyware applications "calling home", which, besides sending information to another computer the user may not want to reveal, uses up bandwidth.
"Spyware is still a major problem today and is evolving quickly," said Jay Barbour, VP product management at ScanSafe. "Spyware applications are becoming more and more stealthy in their ability to hide their outbound "covert" channels among the magnitude of normal web traffic coming in and out of the enterprise firewall."
According to Barbour some firewalls find it difficult to distinguish between legitimate and hostile port 80 traffic, letting swathes of unwanted data pass through.
Yesterday [Monday] SC reported the Federal Deposit Insurance Corporation (FDIC) had issued guidance to financial institutions about the risks associated with spyware and ways they can protect themselves. Amongst other measures the FDIC recommended that financial institutions include spyware threats as part of the risk assessment process.
