Security, Compliance & Awareness
Hacking Horror of the Month - Spyware Infestation
There has recently been a spate of reports of a major increase in spyware-related security incidents. A recent survey by Websense reports a 50% increase over the last 12 months. A major spyware scam was recently uncovered in Brazil, where a gang had used Trojans to capture (and then exploit) large numbers of banking logon credentials. A Florida business is currently in a legal wrangle with the Bank of America over who should pick up the tab following an incident in which fraudsters used spyware to capture online banking details and then made a substantial transfer out of the business’ account to a bank in Latvia. The recent Deloitte security survey of the global financial services industry cites spyware as one of the security threats that the financial services sector is most concerned about.
It is widely acknowledged that spyware infiltrates even those organisations that have installed best-of-breed anti-virus and anti-spyware software, so relying on these tools to address the problem can result in a false sense of security.
However, as is usually the case with information security threats, much more can be done to mitigate the risk of spyware by focusing on some basic procedures and education. Safecoms advises that spyware can most effectively be addressed by taking the following measures:
- Implement effective egress filtering at your firewalls
- Ensure desktop systems are properly hardened (the default XP settings are weak in this area)
- Do not give local admin rights to standard users (most spyware works by attacking systems set to allow local admin)
- Ensure that administrators know they may only use their admin accounts for genuine system administration activities. When engaged in standard user functions, they should use only their standard user account
- As part of broad-based information security awareness training for the user community, ensure that all users are aware of the need to only open email attachments from trusted sources, and to be particularly vigilant about spam and junk email
Safecoms is always pleased to advise about the practical steps that can be taken to make your organisation more secure. In the majority of cases, a small investment of time in improving processes and behaviour will bring a much greater "security dividend" than investing big money in new tools and technologies that are of limited effectiveness.
InfoAware
InfoAware is our training solution for User Awareness, IT Staff Awareness and Information Governance. Covering all the relevant topics required by international standards such as ISO 17799, it comprises a multimedia Video/DVD and Learning Management System. InfoAware is easy to deploy over the intranet and can be used for induction and refresher training courses. InfoAware takes users through a multiple-choice question and answer session on each topic and allows organisations to deploy additional training material and policy documents to all staff.
More details can be found at www.infoaware.com
Contact
Safecoms has operations in the UK and Australia, with representatives in the USA, Asia and the West of Scotland. If you would like someone from Safecoms to contact you, please email us at info@safecoms.co.uk