Wednesday, December 11, 2024

Gambling, Porn in Workplace Breed Spyware

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Some security pros estimate that half of all spyware on corporate

networks comes from employees going to pornographic and gambling Websites

on company computers.

”I think a lot of companies are blissfully unaware of what their

employees do on their networks,” says Ken van Wyk, principal consultant

for KRvW Associates, LLC and a columnist for eSecurityPlanet.

”If you take generic commercial America, a pretty good percentage of

sites don’t spend a lot of time and energy monitoring what their

employees are doing. It’s still seen as somewhat of a stigma. People are

on an honor system. If you believe those statistics, apparently the honor

system isn’t working.”

And van Wyk says this can mean trouble, since spyware is no longer the

nuisance it used to be.

”I think the potential for spyware to do really bad things is certainly

out there,” he adds. ”The potential for danger is pretty daunting. I

certainly wouldn’t want any of that sitting on my network.”

Bob Hansmann, a senior manager at Trend Micro Inc., which has its U.S.

headquarters in Cupertino, Calif., says spyware is increasingly

troublesome for companies. And he says employees largely are to blame for

it.

IT administrators instantly would be able to reduce spyware by as much as

50 percent if they could keep users from visiting pornographic and

gambling Websites while on the job, says Hansmann. He notes that when

customers start using URL filtering software, blocking porn and gambling

sites, their spyware problem has been cut in half.

Hansmann tells the story of some IT professionals working to patch their

network. While they were waiting for the patches to download, they would

use another machine to surf the Net, visiting pornographic sites. The IT

people actually became the source of the company’s spyware infections

while they were in the process of following a good security practice.

User Complacency

Ken Dunham, a senior engineer for VeriSign iDefense Intelligence based in

Mountain View, Calif., says most users are visiting these Websites

because they don’t think they’ll ever be caught. They also might think it

would be better to be caught on these Websites at work than at home.

”There’s a certain degree of complacency. They wouldn’t do it at home

because they’re afraid of what [malware] they might get. But they’ll surf

at work because it’s not their system, and they don’t think they have to

worry about it… It’s like owning a house or renting a house.”

When someone visits many of the online gambling or porn sites, they might

get legally installed spyware or they might be silently infected with

illegal spyware or adware. Some sites will alert the user that a program

is going to be downloaded and asks for the OK. Other sites will illegally

reroute the user to another site without their knowledge where a bunch of

spyware will be installed silently and without the user’s permission.

”To view a site, you might have to install an ActiveX object to view

what’s on that site,” explains Dunham. ”Or you might have to install

some code. A lot of porn sites require you to download an executable so

you can view the pictures or the movies. That executable should be seen

as quite suspect. It’s an executable. They’d have spyware attached. That

might even be a legal installation, but it was presented and someone

clicked on it being OK.

”The user might run an application and not realize it’s installing stuff

you don’t know about,” he adds. ”There are a lot of installations where

you have no idea what you’re getting. You think you’re just getting this

pornography package but there might be a bunch of things being installed

with it and you have no idea.”

Blocking Porn and Gambling

So why don’t IT administrators just block pornographic and gambling

sites?

Well, it’s not as easy, or effective, as it might seem.

van wyk says IT admin need to combine technology with a strong policy to

have any chance of making it work. He recommends trying a URL blocker

that would sit in line with the firewall. And then he says the company

needs to come up with a strict policy that states that the company’s

computers and network are to be used for legitimate business purposes

only. It also needs to spell out that workers will be monitored, there

should be no expectation of privacy and there will be repercussions if

the rules are broken.

”You have to realize that this is not a trivial thing,” says van Wyk.

”If you go looking for something, you better be prepared to act on it.

There is an administrative burden in following through on that.”

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles