1 / 23

Spyware and CA eTrust PestPatrol

Spyware and CA eTrust PestPatrol. Sioux Fleming FSP Toronto, 5 November 2004. Agenda. Introduction History of computer threats Definition and types of spyware Differences between spyware and viruses Spyware and the Help Desk CA eTrust PestPatrol Anti-Spyware

meagan
Télécharger la présentation

Spyware and CA eTrust PestPatrol

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Spyware and CA eTrust PestPatrol Sioux Fleming FSP Toronto, 5 November 2004

  2. Agenda • Introduction • History of computer threats • Definition and types of spyware • Differences between spyware and viruses • Spyware and the Help Desk • CA eTrust PestPatrol Anti-Spyware • Resources for more information • Questions

  3. Introduction • Sioux Fleming, Director, Product Management • Part of PestPatrol acquisition by CA • Prior to PestPatrol, at Symantec in Anti-Virus and encryption security product management • Technical support for enterprise customers • QA for data recovery products

  4. Overview of Spyware

  5. The History of Threats 1980… Early 90s 1992 1994 1995 1996 1998 2000 2002 2003 • Viruses, Boot Viruses, Worms, Applications, New O/S, Java, Hacks, “Blended threats,” DDoS • Now: Spam, Phishing, Spyware…what’s next?Answer: look at what is paying… Boot Sector Word Virus Bugbear, Blaster, SoBig, Welchia Sober MyDoom Nesty Bagel Java Virus BackOrifice Sunrise Hack 1300 Viruses Linux virus Code Red, Nimda, Anna 1st Worm Mac Viruses Jerusalem Elk Cloner Credit Card Theft, Mitnick arrested, 250k DoD attacks Melissa, Bubbleboy DDoS, Lovebug

  6. Definition of Spyware The term spyware means any software program that aids in gathering information about a person or organization without their knowledge, and can relay this information back to an unauthorized third party

  7. Categories of Spyware • Keyloggers • Remote Access Tools (RATs) • Dialers • Browser and search hijackers • P2P: e.g. Gator, Grokster, Kazaa, etc. • Pop-ups • Trojans • Spyware cookies • Grey area • Commercial remote access tools • Commercial tools to monitor user web surfing habits • Browser help objects

  8. How do People Get Infected? • Web browsing • Unauthorized downloads • File swapping • Email attachments • Instant messaging • Installing “legitimate software” (malicious mobile code) • Intentional installation by employee

  9. VIRUS Illegal under all circumstances Normally one author Single program and registry key Motive for developing virus is varied - including notoriety Virus writers grow up and stop (or perhaps go on to write spyware) SPYWARE Often legal – accepted by consumer Typically a team of authors and business relationships Often many programs with multiple registry keys May have multiple processes that defend each other Motive for writing is profit Virus Versus Spyware

  10. The Problem is Growing Number of Spyware Reports 1,200,000 1,100,000 1,000,000 900,000 800,000 700,000 600,000 500,000 400,000 300,000 200,000 100,000 - Dec 03 Mar 04 Apr 04 May 04* June 04* July 04 Aug 04 *Estimates of average monthly increase Source:CA Security Advisory Team, Center for Pest Research

  11. Why Complete Removal is Important • Many spyware programs are tricklers will come back if pieces are left behind • Many spyware programs load other spyware programs • Some spyware programs hook the LSP stack and will interfere with the Internet connection

  12. Kazaa install screen 3

  13. What’s in jeopardy • At Home • Investment in computer and software • Identity • Privacy • Bank accounts • Reputation • At Work • Help Desk costs • User productivity • Brand equity and reputation • Intellectual property • Regulatory compliance • Legal liability • Revenue opportunity cost

  14. Spyware and the Help Desk • Typical calls: • System slowdown – boot time and Internet access times increased • Lost internet connection • Web browser hijacked • Search sites not behaving as usual Source: FTC June 2003

  15. Spyware Impact on Help Desk • Microsoft reports that 50% of all crash reports sent to them by Windows are spyware related • Dell reports that 12-14% of all support calls are spyware related • Several corporate customers have reported that 40% of help desk incidents are spyware-related

  16. Other Impacts on Business • Legal liability and/or regulatory compliance costs • Lost employee productivity due to slowdowns and business interruption • Compromised company information or access to company assets

  17. Performance Impact of Grokster Source: The Center for Pest Research

  18. The Trickler Effect Installing Grokster also gives you: BrilliantDigital, BroadcastPC, Claria, Cydoor, DownloadWare, eAcceleration, FlashTalk, FlashTrack, GAIN, IPInsight, KaZaA, MapQuest Toolbar, NetworkEssentials, RVP, SaveNow, SearchEnhancement, Stop-Popup-Ads-Now, TopSearch, Unknown BHO, Unknown Hijacker, VX2.h.ABetterInternet, Web P2P Installer, webHancer, WurldMedia and Xolox. Source: The Center for Pest Research

  19. eTrust™ PestPatrol® Anti-Spyware Comprehensive Anti-Spyware Solution Conference Bridge (877) 498-4733

  20. Anti-Spyware Complements Traditional Methods Viruses Worms Trojans Buffer Overflows IE Exploits Outlook Exploits Spyware Adware Hacker Tools Distributed Denial-of-Service Zombies Keyloggers Trojans Hack in Progress Routed Attack Port Scan

  21. Other Sources of Information • COAST – Consortion of Anti-Spyware Technologies: www.coast-info.org • FTC Spyware workshop April 2004: www.ftc.gov/bcp/workshops/spyware/ • Spyware Guide: www.spywareguide.com • Spyware information: research.pestpatrol.com • www.microsoft.com/athome/security/spyware/

  22. Questions?

More Related