Notlong ago, computer viruses were the biggest problem personal computer users hadto contend with. However, these days most computers run some sort of antivirusprograms and most e-mail systems have built-in scanners to slow downe-mail-borne viruses. The emerging problem in the last year or two has beenspyware.
The
more serious varieties of spyware may search for modems attached to the user's
computer and then attempt to make telephone calls to pay-per-use services,
usually located in the Caribbean or
The
worst variety install backdoors that allow hackers to access to the computer or
install "keyboard loggers" that quietly monitor passwords used by the user to
access secure systems, including office computers and online banking sites.
Aside
from the obvious security risks, spyware uses memory and resources (including
bandwidth used to access the Internet). It may therefore impair the proper
function of PCs by slowing down their operation or causing conflicts with other
software and adversely affecting system stability.
Compared
to computer viruses, spyware is harder to guard against, even in a corporate
environment. The use of anti-virus scanners on the firm e-mail system, even
combined with good Internet use policies that prohibit users from downloading
or installing unapproved software programs, won't provide full protection.
In
some cases, a computer can be infected simply by visiting a compromised web
site containing code that exploits security holes contained in the browser or
operating system. Also, most organizations have little control over their
staff's home computers. An infected home computer can then be used to steal
passwords for accessing the company or firm resources remotely.
Computers,
both at work and at home, need to be updated promptly with security and
critical updates issued for the operating system and application programs.
Personal firewall programs that monitor and control both incoming as well as
outgoing traffic (such as ZoneAlarm Firewall) should also be installed on each
computer. This should be done even if the network that the computer is attached
to is protected by a firewall or router (because the primary purpose of such
routers is to protect computers from outside attackers, not to monitor whether
hidden programs are trying to send personal data to the outside world).
Anti-spyware
programs (such as Spyware Doctor, Ad-Aware, Spy Sweeper and Spybot Search and
Destroy) should also be installed on each computer. While some anti-virus
programs (such as McAfee Antivirus or Norton Antivirus) and some personal
firewall programs (such as Outpost 3.0 and ZoneAlarm Internet Security Suite 6)
now include built-in anti-spyware components, no one program is 100-per-cent
effective.
In
addition to the digital armour provided by the software programs described
above, safe computing practices are also critical. Avoid installing unknown
software and stay away from hacker-type web sites (such as those offering
infringing software or music downloads). It also means keeping a separate
computer at home to access corporate systems (or online banking resources) and
which the kids in the house are prevented from using.
The
financial services industry has also singled out spyware as a big problem.
Although still in the minority, a significant percentage of Internet users have
become so concerned about spyware and online fraud that they have stopped using
online banking facilities and/or have reduced their online purchasing
activities.
In
the
According
to the FBEC, the use of single-factor authentication is inadequate for
high-risk transactions involving access to customer information. Although its
requirements apply only to
Alan
Gahtan is an information technology lawyer admitted in
