January 26, 2005
By Richard Stiennon
Remember the Internet boom of the late '90s? Remember the number of new ideas, startups, Web sites? All of those were fueled by a land grab for e-commerce. Dollar signs appeared in the eyes of every MBA student, VC, and entrepreneur as they flocked to the new economic frontier.
Flash forward to 2005. A booming economy in online advertising and e-commerce, as evidenced by Google's IPO and the profits of eBay, Yahoo!, and Amazon, is only the tip of the iceberg.
Thousands of new age hackers have gotten wind of the fact that there is gold in "them thar hills" and it is easy to get rich quick by digging into the stream of online commerce.
Spam was the first route to riches; spyware is the next.
If you date the modern era of the Internet from the release of Mozilla 0.9 beta (the first commercial Web browser), then the Internet had its tenth anniversary this fall.
For nine years it was possible to argue that cyber crime was a figment of wild imaginings; of doomsayers and overly zealous purveyors of security solutions. There was no Lex Luthor of the Internet: a criminal mastermind plotting to steal pennies from millions of people or extort millions from businesses.
But, alas, those days of Internet innocence ended in 2004.
Today, malware has taken an ugly turn for the worse. There has always been a bit of the whimsical about viruses and worms. Viruses of yore had little ticking time bombs embedded in their destructive payloads that gave you a chance to find and eradicate them before the date when they would start to erase your hard drive.
Or, the main purpose of a worm was to demonstrate just how bad a particular Microsoft vulnerability was and how system administrators around the world should know better than to trust mission-critical services to the billionaire from Redmond.
Little messages were placed in virus code to identify the virus writer and his team and their higher purpose in life. The idea was that this virus was good for you and good for the world.
All that changed when the click-thru princes of the Internet got in the game.
So why is the threat to the very nature of the Internet worse with spyware than with worms or viruses? This is a hard question to answer because spyware takes so many forms.
With HR 29, the U.S. Congress is attempting to set into law a distinction between adware and spyware. It will make it legal on the one hand to distribute software that shows you pop-up ads based on your browsing habits, so long as that software asks for permission before it is installed and provides a mechanism for removing it.
At the same time, software that steals your personally identifiable information and does not comply with the ease of removal strictures will be labeled spyware.
However, the difference in results is non-material. Legal adware and pernicious spyware both harvest a person's computer and valuable time to generate revenue that flows through a huge web of banner ads, pornography sites, online gaming sites, tracking tools, and e-commerce sites.
Total revenue generated by the known online ad industry represented by Google, Yahoo! and DoubleClick, is approaching $10 billion a year. Now, how big is the underground ad revenue business? Two data points are available from published numbers of adware purveyors.
One company, Claria, revealed that its software resided on 40 million PCs and generated $90 million in revenue a year. Another company, Avenue Media, claimed it had 2 million infected machines that generated $7 million annually. That is an average of $2.95 per infection per year.
How many infections are there? Our online spy audit indicates that the average PC on the Internet has at least two pieces of adware on it. ClickZ Stats indicates that there are 280 million active PCs on the Internet.
Do the math. The Internet boom is alive and well as adware, spyware, and "slimeware" purveyors rake in over $1.6 billion a year, leading a new trend of hacking for profit.
What does this all mean for you? Beware. Take the right steps to protect yourselves and your networks from this rising threat or see your revenues add to the bottom line of a problem that will only get worse.
Richard Stiennon is the vice president of Threat Research at Webroot Software. He has more than 20 years of experience in the security industry and he is a holder of Gartner's Thought Leadership award for 2003 and was named "One of the 50 Most Powerful People in Networking" by Network World Magazine.