Public Affairs & Publications
Inside CSULB
CSULB Home page
Current Issue: Calendar: Archives: Contact Us
Vol 57 No. 2 | Jan. 2005
Featured Stories
Employee Information
Steve La
Are You Being Watched? Beware of Spyware

If you are reading this, you probably have Spyware. That doesn't mean your boss is watching you, however, but somebody else is.

Steve La, director of Network Services, is the person in charge of protecting the campus' computers from viruses and anything of that nature that may affect student, staff and faculty ability to work in a secure environment. Anywhere from 100,000-700,000 viruses attempt to infiltrate the campus computer system every day, according to La.

And, as if viruses and SPAM don't provide enough headaches for La, now he has a relatively new concern called Spyware.

 “We have been working with how to protect the campus from viruses so that has been an ongoing thing,” said La, “but Spyware really concerns me because it is hard to prevent Spyware.”

La was asked about Spyware and what CSULB students, staff, and faculty can do to protect themselves from it.

Spyware PosterWhat exactly is Spyware?
Spyware generally refers to data-collecting programs installed on computers that gather personal information about you and relay it to a third party without your consent or knowledge. Most users of the Internet are most likely infected by not only one, but many Spyware programs.

What are common ways Spyware gets onto a computer?
The most common ways are downloading and installing MP3 music-sharing software, opening unknown e-mail attachments, and connecting to a Web site designed to distribute Spyware. For example, there is a free software program sent to users via spam that says if you download and install the software, it promises to increase your Internet access speed. In reality, the program has a Spyware that is designed to collect information about your Internet activities by serving as a proxy between you and the Web sites you visit. The program claims to increase your Internet access because it caches Internet Web sites.  

Is it really faster?
No. We ran some tests and did not find any increased performance, but it is a huge security risk because the Spyware is tracking and keeping records of everything you are doing. When you contact your bank, the Spyware proxies the connection. It also has the ability to access secured Web sites because the Spyware has replaced your system's security certificate with its own so they can contact secured Web site such as your bank on your behalf.

What are symptoms of having been infected by Spyware?
In addition to privacy and security concerns, Spyware can cause system and browser instability and slowness, pop-up advertisements all the time, changes your settings and prevents you from changing them back, and components on your browser such as toolbars suddenly appear without your knowledge. If your computer starts to behave strangely or displays any of the symptoms mentioned above, you may have Spyware or other unwanted software installed on your computer.

Besides a person loading certain software, what are the most common ways Spyware can get on your computer?
There are many different ways your computer can get infected with Spyware. They include opening an e-mail attached with Spyware, accessing a Web site,or installing Spyware-infested file-sharing programs like Kazaa, Find MP3, Grokster, BearShare, and Morpheus.

So, what do we do to help our faculty, staff and students?
For faculty and staff on campus, work with your technical coordinator to migrate your desktop computer to our campus security domain. Home users can download Anti-Spyware tools to help remove most Spyware on their home computers. Two good Spyware removal programs that are free for personal use are Spybot and Ad-Aware. Even though we can protect our campus users, we still have users who are accessing the Internet from home through our campus dial-up modem or DSL. They need to protect their home computers from Internet Spyware.

Many people access from home, right?
Yes. We have a large number of users accessing our campus network from home. We don't have an easy way to protect these users. Spyware is so difficult to detect and prevent because you don't know it is Spyware until you install it on your machine. For example, some people remove Spyware and realize they lost access to Kazaa, so then they reinstall the software that had the Spyware to begin with, so it defeats the whole purpose.

So with hundreds of ways for Spyware to invade a computer, how can you prevent it?
For home users, make sure you have the Automatic Updates feature in Windows turned on. Don't install any software without knowing exactly what it is. Minimize "Drive-By" downloads by setting your browser security high enough to detect unauthorized downloads (eg. set the security level on Internet Explorer to at least "Medium"). Don't click on any links within pop-up windows. Don't click on any links in e-mail spam that claim to offer anti-Spyware. Some programs that are being marketed as “Spyware-removers” are Spyware themselves such as SpyBan, SpywareNuker, Bulletproof's Spyware/Adware Remover just to name a few.

Who is at most risk on campus?
In the Division of Administration and Finance, we manage the desktops so we push out all the OS security updates and patches to protect our users. We do very well in managing these desktops inside our security domain. The issue we have is in the academic areas where our faculty and laptop users connect to the Internet in an "open" environment. It is difficult to manage these computers, especially laptops, because when laptop users travel, they need to have the ability to download and install software when they are outside of our campus, but that, of course, could present problems with Spyware infection. If a laptop computer on campus is compromised, it can be used to launch an attack against eBay, for example, and shut it down. eBay would lose money and it will track down the perpetrator by tracing the source back to a computer in our campus network. Now it is possible we are liable for their financial loss even though we had nothing to do with it. Our job is to minimize this kind of risk for our campus.

How long have we been working on fighting Spyware?
We have been working on an integrated security solution for almost a year now. We have deployed several short-term solutions that have been effective in minimizing Spyware on campus, but even in the industry today, there are not too many enterprise-level Spyware applications available. We are currently working with several leading technology vendors to evaluate their anti-Spyware products and we hope to deploy an integrated desktop security solution which combines our current desktop AntiVirus as well as the newly developed anti-Spyware and Intrusion Detection System by Fall 2005.

Are we developing our own?
We are using Spybot which allows us to detect and remove a large number of the Spyware on the campus desktop computers in our security domain. But we have customized a solution to integrate Spybot with our SMS 2003 to automate the distribution of these software.  

But that doesn't protect everyone on campus, right?
The difficult part is getting everybody to join our secured domain (SMS 2003) on campus. The SMS 2003 project was funded by the campus University Information Technology Committee. We manage these security systems and it is available free of charge to anyone on campus. All desktop computers in the Division of Administrations and Finance are already in this domain. Right now it is optional and not required for desktop computers to be in this security domain. We do everything we can to prevent Internet worms, viruses, Spyware, SPAM and all of that, but it is very difficult to protect the campus computers that are sitting outside of our security domain.

Have you heard of any instances were people on campus have lost money because of Spyware?
No, not yet. But a lot of crime does go unreported because it happens to be personal. There is a scam called “phishing ” and that is basically when you get an e-mail that pretends to be from trusted names such as your bank or Paypal. It looks like an official message from the company with a logo and everything and they ask you to submit your pin number or other vital information for verification because someone has tried to gain access to your account. Some people might panic and give out their confidential information. The data can be used for identity theft. Most people won't give out that information. But scammers figure if they send out millions of messages, all it takes is one or two people and these phishing scams can quickly drain entire bank accounts of unsuspecting users.

How big a worry should this be for the average person?
Spyware is definitely a concern for Internet users. It has become so critical in this country that Congress is looking to do something at the federal level called the SPY ACT. Right now, my job is to do everything we can within the resource that we have to inform and educate our users so they can protect themselves from identity theft, financial loss, and computer failure. We are also working very closely with a team of technical staff (Beach-CERT group) to focus on improving desktop security on campus. If someone on campus wants to be as Spyware safe as possible, contact either your technical coordinator in your department or Network Services at 562/985-8344 for assistance.

Back to top