Are You Being Watched? Beware of Spyware
By Shayne Schroeder
If you are reading this, you probably have Spyware. That doesn't mean your
boss is watching you, but somebody else is.
Steve La, director of Network Services, is the person in charge of protecting
the campus' computers from viruses and anything of that nature that may affect
student, staff and faculty ability to work in a secure environment. Anywhere
from 100,000-700,000 viruses attempt to infiltrate the campus computer system
every day, according to La.
And, as if viruses and SPAM don't provide enough headaches for La, now he has
a relatively new concern called Spyware.
“We have been working with how to protect the campus from viruses so that
has been an ongoing thing,” said La, “but Spyware really concerns me because it
is hard to prevent Spyware.”
La was asked about Spyware and what CSULB students, staff, and faculty can
do to protect themselves from it.
What exactly is Spyware?
Spyware generally refers to data-collecting programs installed on computers
that gather personal information about you and relay it to a third party without
your consent or knowledge. Most users of the Internet are most likely infected
by not only one, but many Spyware programs.
What are common ways Spyware gets onto a computer?
The most common ways are downloading and installing MP3 music-sharing software,
opening unknown e-mail attachments, and connecting to a Web site designed to
distribute Spyware. For example, there is a free software program sent to users
via spam that says if you download and install the software, it promises to
increase your Internet access speed. In reality, the program contains Spyware that
is designed to collect information about your Internet activities by serving
as a proxy between you and the Web sites you visit. The program claims to increase
your Internet access because it caches Internet Web sites.
Is it really faster?
No. We ran some tests and did not find any increased performance, but it is
a huge security risk because the Spyware is tracking and keeping records of
everything you are doing. When you contact your bank, the Spyware proxies the
connection. It also has the ability to access secured Web sites because the
Spyware has replaced your system's security certificate with its own so they
can contact secured Web sites such as your bank on your behalf.
What are symptoms of having been infected by Spyware?
In addition to privacy and security concerns, Spyware can cause system and browser
instability and slowness, display pop-up advertisements all the time, change your settings
and prevent you from changing them back, and make components on your browser such
as toolbars suddenly appear without your knowledge. If your computer starts
to behave strangely or displays any of the symptoms mentioned above, you may
have Spyware or other unwanted software installed on your computer.
Besides a person loading certain software, what are the most common
ways Spyware can get on your computer?
There are many different ways your computer can get infected with Spyware. They
include opening an e-mail attached with Spyware, accessing a Web site, or installing
Spyware-infested file-sharing programs like Kazaa, Find MP3, Grokster, BearShare,
and Morpheus.
So, what do we do to help our faculty, staff and students?
For faculty and staff on campus, work with your technical coordinator to migrate
your desktop computer to our campus security domain. Home users can download
Anti-Spyware tools to help remove most Spyware on their home computers. Two
good Spyware removal programs that are free for personal use are Spybot and
Ad-Aware. Even though we can protect our campus users, we still have users who
are accessing the Internet from home through our campus dial-up modem or DSL.
They need to protect their home computers from Internet Spyware.
Many people access from home, right?
Yes. We have a large number of users accessing our campus network from home.
We don't have an easy way to protect these users. Spyware is so difficult to
detect and prevent because you don't know it is Spyware until you install it
on your machine. For example, some people remove Spyware and realize they lost
access to Kazaa, so then they reinstall the software that had the Spyware to
begin with, so it defeats the whole purpose.
So with hundreds of ways for Spyware to invade a computer, how can
you prevent it?
For home users, make sure you have the Automatic Updates feature in Windows
turned on. Don't install any software without knowing exactly what it is. Minimize
"Drive-By" downloads by setting your browser security high enough
to detect unauthorized downloads (e.g., set the security level on Internet Explorer
to at least "Medium"). Don't click on any links within pop-up windows.
Don't click on any links in e-mail spam that claim to offer anti-Spyware. Some
programs that are being marketed as “Spyware-removers” are Spyware themselves,
such as SpyBan, SpywareNuker and Bulletproof's Spyware/Adware Remover, just to name
a few.
Who is at most risk on campus?
In the Division of Administration and Finance, we manage the desktops so we
push out all the OS security updates and patches to protect our users. We do
very well in managing these desktops inside our security domain. The issue we
have is in the academic areas where our faculty and laptop users connect to
the Internet in an "open" environment. It is difficult to manage these
computers, especially laptops, because when laptop users travel, they need to
have the ability to download and install software when they are outside of our
campus, but that, of course, could present problems with Spyware infection.
If a laptop computer on campus is compromised, it can be used to launch an attack
against eBay, for example, and shut it down. eBay would lose money and it will
track down the perpetrator by tracing the source back to a computer in our campus
network. Now it is possible we are liable for their financial loss even though
we had nothing to do with it. Our job is to minimize this kind of risk for our
campus.
How long have we been working on fighting Spyware?
We have been working on an integrated security solution for almost a year now.
We have deployed several short-term solutions that have been effective in minimizing
Spyware on campus, but even in the industry today, there are not too many enterprise-level
Spyware applications available. We are currently working with several leading
technology vendors to evaluate their anti-Spyware products and we hope to deploy
an integrated desktop security solution which combines our current desktop AntiVirus
as well as the newly developed anti-Spyware and Intrusion Detection System by
Fall 2005.
Are we developing our own?
We are using Spybot which allows us to detect and remove a large number of the
Spyware on the campus desktop computers in our security domain. But we have
customized a solution to integrate Spybot with our SMS 2003 to automate the
distribution of this software.
But that doesn't protect everyone on campus, right?
The difficult part is getting everybody to join our secured domain (SMS 2003)
on campus. The SMS 2003 project was funded by the campus University Information
Technology Committee. We manage these security systems and it is available free
of charge to anyone on campus. All desktop computers in the Division of Administration
and Finance are already in this domain. Right now it is optional and not required
for desktop computers to be in this security domain. We do everything we can
to prevent Internet worms, viruses, Spyware, SPAM and all of that, but it is
very difficult to protect the campus computers that are sitting outside of our
security domain.
Have you heard of any instances where people on campus have lost money
because of Spyware?
No, not yet. But a lot of crime does go unreported because it happens to be
personal. There is a scam called “phishing” and that is basically when you
get an e-mail that pretends to be from trusted names such as your bank or Paypal.
It looks like an official message from the company with a logo and everything
and they ask you to submit your pin number or other vital information for verification
because someone has tried to gain access to your account. Some people might
panic and give out their confidential information. The data can be used for
identity theft. Most people won't give out that information. But scammers figure
if they send out millions of messages, all it takes is one or two people and
these phishing scams can quickly drain entire bank accounts of unsuspecting
users.
How big a worry should this be for the average person?
Spyware is definitely a concern for Internet users. It has become so critical
in this country that Congress is looking to do something at the federal level
called the SPY ACT. Right now, my job is to do everything we can within the
resources that we have to inform and educate our users so they can protect themselves
from identity theft, financial loss, and computer failure. We are also working
very closely with a team of technical staff (Beach-CERT group) to focus on improving
desktop security on campus. If someone on campus wants to be as Spyware safe
as possible, contact either your technical coordinator in your department or
Network Services at 562/985-8344 for assistance.