All papers are checked via
|← Computer Spywares||WTL 7 →|
According to Aycock (2010), spywares are online malicious programs that gather computer users’ information through accessing the system without the users consent. This implies that the presence of spyware is concealed from the computer user, and might go undetected, since they are secretly installed. Additionally, users of corporate or public/shared computers install spyware to monitor another computer user. The use of spywares extend further than just monitoring computer users to include the collection of personal information such as websites that are visited frequently, web browsing habits, and interfering with user control through automatic installation and redirection of web browser activities (Erbschloe 2005). Common characteristics of spyware include changing system settings, decreasing the internet connection speeds, and affecting the operation of other installed application programs. This paper analyses spyware security basing on the types, detection, effects and prevention of spyware attacks.
Types of Spywares
Various types of spyware run on personal computers without users knowledge. Their potential effects vary from annoyance to huge losses of data, depending on their destruction capabilities. Some examples include adware, browser hijacker, keyboard logger, and modem hijacker. Adware is the most popular kind of spyware, and they are generally small online malwares. Computer users view them as pop-ups, pop-over and pop-under sent by the computer adware upon detection of online connection. The pop-windows contain information such as airline tickets to gather purely filthy material. They track and steal system information, additionally; the data collected is sold to other companies that engage in mailing junk mails.
Browser hijackers are identified by the transformation of browser homepage and the search engine, and the introduction of a different default homepage (Haley & Heise 2008). They are completely a source of annoyance whenever the computer browser is run, displaying unwanted ads. Browser hijackers have been known to be data collectors and reports browsing practices to a database for commercial purposes.
Keyboard loggers are special spywares designed to record information such as PIN number and Email passwords entered in an online or offline session. They are one of the most disastrous malware since it shares information without the users consent. On the other hand, modem hijackers are the most devastating types of spyware, also called diallers. Their installation is done via computer adult websites, virus infection, or wares. They might subject computer users to large bills of telephone calls since they dial long distance without the users consent, generally used in online chats.
Spyware Infestation Methods
Spywares are not distributed in a similar manner to viruses and worms since systems that are infested with malware do not transmit the malware to other systems. Spyware infestation takes place through a deception of the user and exploiting the application software vulnerabilities. In addition, their automatic installation without user’s knowledge and consent are aimed at avoiding detection and disrupting their functionalities. There are spyware programs that come as security applications while others are piggybacked on authentic desirable software. In most cases, the spyware distributors maintain that their application program is a useful utility or a software agent with the primary objective of tricking the users to install the spyware and make the user believe that the software will not affect the system. Spyware infestation can also take place via bundled software, whereby users download and install legitimate application software, which in turn embarks on automatic installation of the spyware. Cases have been reported of spyware developers colluding with shareware developers to bundle their spyware with a legitimate software utility (Erbschloe 2005). Furthermore, spyware developers sometimes embark on repackaging the legitimate software and integrating their spyware into the utility. Spyware infestation also takes place through security vulnerabilities of web browsing applications, whereby users’ website activities are redirected to a website controlled by the spyware that has a script code used for attacking the web browser, resulting in forced download and installation of the spyware. Spyware authors usually have extensive knowledge regarding the functionality of firewall and antivirus software that are available; as a result, they use the “drive-by download” concept to increase the vulnerability of users to download and install their spywares. Most spyware developers target the Internet Explorer because of its numerous security issues and extensive integration into the Windows platform. Spyware authors use Browser Helper Objects to alter behaviour of internet browsers and installation of additional tool bars and traffic redirection (Erbschloe 2005).
Most spywares keep encouraging the user to agree to the terms and conditions, a popular drive-by download. This insisting nature is due to the incorporation of ActiveX control, which attempts to run every time the user accesses a spyware infested site. The browser will always ask for verification from the user to install, essentially for security purposes. This activity might continue if the user disagrees and eventual confirmation stops the browser from asking for verification.
Spywares create a perception of essentiality and seem invisible. Various spywares employ valid and convincing names such as winstartup. As such, many users have a tendency of having them running due to fears that upon disabling, a system failure might occur (Stecklow 2011). Some apply the usage of varying file names and locations to evade being detected. Additionally, they install software updates devoid of the users consent. The confusing and legalese feature of the spyware evidenced by vague and confusing terms and conditions for installation enables them to find their way into systems.
Signs of Spyware Infestations
Spywares indications are diverse and computer users need to be conversant with them to ensure that the problem is fixed before the occurrence of unauthorized access and other PC destructive activities The first sign is regular pop advertisement. Spywares present irrelevant adverts to the site being visited by the user. The adverts are frequently unwanted material, which might be objectionable to the purported user. Sudden pop-ups when the browser is inactive clarifies the spyware and unwanted software infestation (Shetty 2010). Another sign of spyware attacks is changes in the system settings, which cannot be restored back. Moreover, in case the user manages to restore changes, they always revert upon restarting the computer.
Additional constituents of web browsers, such as toolbars that install themselves are spyware symptoms. These toolbars are difficult to eliminate since they will always occur when the system is rebooted. Jacks (2011) points out that sluggishness of the computer systems might sometimes be associated with spyware attacks. A design characteristic of spywares is that they have no efficiency and of less benefit to the user. They consume much of computer memory and take a wider share of the internet bandwidth to display the advertisements and monitor users’ activities. The reduced speed results in the system and software installation errors and eventually computer crashes.
Effects of Spywares
The effects of spyware in computer systems can be detrimental to an organization or personal usage. The first effect is cases of identity theft and fraud. There are financial losses attributed to identity theft. Spyware vendors can change a modem to dial up a premium rate by use of modem hijacker (Aycock, 2010). This results in perpetually high call expenses to computer users who use call services.
Spywares have aided in the copy-protection technologies. Companies such as Sony BMG Music Entertainment used XCP digital rights management technology, which had installation and detection difficulties. This application rendered many computers incapable of working properly. In order to solve the problem, Sony Company provided a solution for users to apply to uninstall the application from their computers. Microsoft has also been accused of providing Windows Genuine Advantage Notifications application. This software was meant to ensure that computer users had genuine copy of Windows operating system, but it presented un-installation difficulties and claimed to be phoning home, which are genuine characteristics of modem hijacker.
Another destructive nature of spywares is the manufacture of stealwares and upraise of affiliate fraud. A stealware is an application closely related to and functions like a spyware. It directs online revenue payments from the legitimate online seller to spyware vendor.
Prevention of Spyware Attacks
The effects of spyware infestation are diverse, malicious and much powerful than previous times hence needs prevention strategies. This implies that spyware protection demands knowledge and antispyware professionals to offer safer online activities, and eradicate fraud and identity theft among other threats. Some preventive option includes avoidance of free software applications, which is important in preventing spywares that are hidden in computer applications. Additionally, downloading these software applications from trusted is essential to avoid spyware programs (Fox 2005). Enhancing browser security settings enables safer internet settings because it will enable the browser to warn users of any malicious sites having unwanted programs and spywares he or she is about to visit. Operating systems need to be updated with current security patches. Email and instant messaging are avenues for spyware insecurity.
Firewalls play a fundamental role in thwarting spyware effects by managing traffic between networks having varying zones of trust. The internet has become a no-trust zone due to the integration of spyware and unwanted programs (Avoine et al. 2007). As such, users need to install firewalls to control traffic between internally networked computers and the internet. Antivirus applications have a vital role to protect the system from attacks. However, latest versions from trusted vendors are more important than free antivirus available online.
Various types of spywares include key loggers, adwares, browser hijackers and modem hijackers. Some examples of spyware symptoms include pop-ups, computer sluggishness, changes in the homepage and search engines, and additional features such as browser toolbars. Various implications of spywares include internet fraud, emergence of stealwares and identity theft. Spyware prevention techniques include enhancing browser security settings, using firewalls to control network traffic and avoidance of free computer applications.