Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

How To Protect Your Network's PCs: Page 3 of 13

Spyware affects both PC performance and network security. For example, adware programs that serve pop-ups or track user Web activity can drag down a PC's operating speed or cause programs to fail. Such problems inevitably generate help desk calls from irate users. Other spyware is plain malicious and may leak sensitive information or render the machine vulnerable to remote control.

Traditional anti-virus products can, to some extent, handle the security risks. Desktop anti-virus software can catch known Trojans and keystroke loggers that arrive via e-mail or are discovered on the hard disk during a scheduled scan. Both anti-virus and anti-spy software use signatures to catch these malicious programs.

However, there are three reasons why anti-virus products have been slow off the mark to explicitly address spyware. First, spyware is often delivered via the Web rather than over e-mail. Sometimes spyware can insert itself through browser vulnerabilities. The Download.Ject Trojan, for example, loaded itself onto PCs by exploiting a bug in Internet Explorer. Most adware programs are bundled with free games, peer-to-peer programs, or utilities such as weather monitoring tools that are installed by the user, so traditional anti-virus scanners won't catch them during download.

Second is how spyware is defined. While Trojans and keystroke loggers are clearly malicious and usually illegal, adware exists in a gray area.

"There's a liability issue with spyware," says Bob Hansmann, product marketing manager at Trend Micro. "A lot of companies [that make user tracking programs] call what they do a legitimate marketing practice."