Monday, June 21, 2021

Gambling, Porn in Workplace Breed Spyware

Some security pros estimate that half of all spyware on corporate

networks comes from employees going to pornographic and gambling Websites

on company computers.

”I think a lot of companies are blissfully unaware of what their

employees do on their networks,” says Ken van Wyk, principal consultant

for KRvW Associates, LLC and a columnist for eSecurityPlanet.

”If you take generic commercial America, a pretty good percentage of

sites don’t spend a lot of time and energy monitoring what their

employees are doing. It’s still seen as somewhat of a stigma. People are

on an honor system. If you believe those statistics, apparently the honor

system isn’t working.”

And van Wyk says this can mean trouble, since spyware is no longer the

nuisance it used to be.

”I think the potential for spyware to do really bad things is certainly

out there,” he adds. ”The potential for danger is pretty daunting. I

certainly wouldn’t want any of that sitting on my network.”

Bob Hansmann, a senior manager at Trend Micro Inc., which has its U.S.

headquarters in Cupertino, Calif., says spyware is increasingly

troublesome for companies. And he says employees largely are to blame for

it.

IT administrators instantly would be able to reduce spyware by as much as

50 percent if they could keep users from visiting pornographic and

gambling Websites while on the job, says Hansmann. He notes that when

customers start using URL filtering software, blocking porn and gambling

sites, their spyware problem has been cut in half.

Hansmann tells the story of some IT professionals working to patch their

network. While they were waiting for the patches to download, they would

use another machine to surf the Net, visiting pornographic sites. The IT

people actually became the source of the company’s spyware infections

while they were in the process of following a good security practice.

User Complacency

Ken Dunham, a senior engineer for VeriSign iDefense Intelligence based in

Mountain View, Calif., says most users are visiting these Websites

because they don’t think they’ll ever be caught. They also might think it

would be better to be caught on these Websites at work than at home.

”There’s a certain degree of complacency. They wouldn’t do it at home

because they’re afraid of what [malware] they might get. But they’ll surf

at work because it’s not their system, and they don’t think they have to

worry about it… It’s like owning a house or renting a house.”

When someone visits many of the online gambling or porn sites, they might

get legally installed spyware or they might be silently infected with

illegal spyware or adware. Some sites will alert the user that a program

is going to be downloaded and asks for the OK. Other sites will illegally

reroute the user to another site without their knowledge where a bunch of

spyware will be installed silently and without the user’s permission.

”To view a site, you might have to install an ActiveX object to view

what’s on that site,” explains Dunham. ”Or you might have to install

some code. A lot of porn sites require you to download an executable so

you can view the pictures or the movies. That executable should be seen

as quite suspect. It’s an executable. They’d have spyware attached. That

might even be a legal installation, but it was presented and someone

clicked on it being OK.

”The user might run an application and not realize it’s installing stuff

you don’t know about,” he adds. ”There are a lot of installations where

you have no idea what you’re getting. You think you’re just getting this

pornography package but there might be a bunch of things being installed

with it and you have no idea.”

Blocking Porn and Gambling

So why don’t IT administrators just block pornographic and gambling

sites?

Well, it’s not as easy, or effective, as it might seem.

van wyk says IT admin need to combine technology with a strong policy to

have any chance of making it work. He recommends trying a URL blocker

that would sit in line with the firewall. And then he says the company

needs to come up with a strict policy that states that the company’s

computers and network are to be used for legitimate business purposes

only. It also needs to spell out that workers will be monitored, there

should be no expectation of privacy and there will be repercussions if

the rules are broken.

”You have to realize that this is not a trivial thing,” says van Wyk.

”If you go looking for something, you better be prepared to act on it.

There is an administrative burden in following through on that.”

Similar articles

Latest Articles

3 AI Implementations That...

I was on a joint educational call for the World Talent Economic Economic forum on mobile computing this week. We drifted to topics that...

Survey of Site Reliability...

NEW YORK — Site reliability engineers (SREs) are warning of a looming scalability ceiling and saying the adoption of AIOps isn’t happening at a...

Druva Integrates sfApex to...

SUNNYVALE, Calif. — A maker of software for cloud data protection and management is helping companies safeguard essential customer data that their sales and...

Best Data Science Tools...

Data science has transformed our world. The ability to extract insights from enormous sets of structured and unstructured data has revolutionized numerous fields —...