Presentation on theme: "Adware and Spyware. Objectives u Define terms, scope, and motivation u Discuss impact (personal and business) u Review basic technical aspects u Provide."— Presentation transcript:
Objectives u Define terms, scope, and motivation u Discuss impact (personal and business) u Review basic technical aspects u Provide basic identification and removal resources u Discuss prevention techniques 2
Definitions u Malware: malicious software – Adware: advertising-oriented – Spyware: information-oriented u Anti-adware and anti-spyware are the tools that fight them 4
What and Why? Adware u Advertising u Goal is to sell or promote u Data pushed from them to you u Hopefully you will buy or visit Spyware u Spying u Goal is to gather information u Data pulled from you to them u Hopefully information can be used for sale or power 5
Motivation u Money – Firms place ads for selves or clients – Paid by click-through or direct purchase – Identity/data theft u Power – Ruin rival’s reputation – Blackmail, intelligence activities – Gain notoriety and satisfaction 6
Relationships u Trojans, viruses, phishing, pharming, rootkits, adware, spyware … so much bad stuff! u Questions: – Can adware be spyware? – Is there a relationship between adware, spyware, and other malware? 7
Identifying and Removing u Adware is everywhere 20 www.zedo.com “Zwinky is free with download of toolbar” http://www.youtube.com/v/1jbEZlnl9WQ
Identifying and Removing u 67% infected among those surveyed* u Can you keep up? 21 * Source: Enterprise Information Systems Assurance and System Security (Warkentin and Vaughn, ed.), p. 51.
Identifying and Removing u Common symptoms* – Pop-ups – Toolbars – Performance problems – More OS/application crashes u Can be symptomless 22 * Source: Enterprise Information Systems Assurance and System Security (Warkentin and Vaughn, ed.), p. 51.
Identifying and Removing u Anti-adware tools u Anti-spyware tools u Network packet sniffing 23
Removal u Methods: – Manual – “Free” tools – Commercial tools u Can be difficult 24
Prevention u What does not prevent it?* – Personal firewalls – Anti-virus programs u The best you can hope for is to discourage it. 26* But they do help prevent spyware and adware that spread that way.
Prevention u Anti-spyware and anti-adware – No single product or suite handles it all – Investigate tools carefully u Firewall and anti-virus – Up to date – Properly configured u Stay informed! 28
Business Impact 1. Loss of productivity 2. Increased IT support costs 3. Theft of intellectual property 4. Liability associated with privacy violations 5. Premature information disclosure 6. Loss of credibility … 30Source: Enterprise Information Systems Assurance and System Security (Warkentin and Vaughn, ed.), p. 52.
Business Prevention u Security policy – Write it down – Educate everyone – Management buy-in – Audit compliance u Use generally good practices u Stay up to date! 31
Conclusions u Adware and spyware come with serious consequences u Identification and removal can be difficult u Prevention is best u User education is key 32
Credits u Enterprise Information Systems Assurance and System Security, Warkentin and Vaughn, ed., 2006. u Wikipedia, http://www.wikipedia.org u Original clip art is from the Microsoft Office web site unless otherwise cited 34