Poised to be a bigger, and even more annoying problem than spam, spyware is challenging computer admins at all levels. Siobhan McBride looks at the local moves and Ellen Messmer and Steve Fox report on products, services and methods of taking control.
Both the Australian government and IT industry are struggling to find an effective solution to spyware which has been dubbed a 'marketing driven tool that exploits personal information'.
In the past election year politicians from all sides of the fence have promised to explore legislation as a means of halting the escalating threat but analyst firm Gartner says this is not the solution.
The research firm is sceptical new laws will be effective as it is a menace similar to spam, where unscrupulous individuals or companies will not be deterred by legislation.
Jurisdiction is also an issue as local anti-spyware laws would be worthless against non-Australian companies unless international treaties are enforced.
Despite this, the federal government said it will look at adware and spyware as a follow-up to its legislative actions against spam. But Sophos head of technology Asia Pacific, Paul Ducklin, believes that legislating against spyware will be even more difficult than legislating against spam, because it involves judging the degree of a user's informed consent.
Ducklin has had talks with a range of industry bodies about the problem as well as with IT Minister Helen Coonan.
"I've had a discussion with Minister Coonan, before the election of course, about spyware and it does seem that there is some concern about this area from the government," Ducklin said.
"I think in regards to legislation [government] will need a lot of help from industry, but it's definitely a long task for government.
"I've also had discussions with the police, the Australian Internet Industry Association and my peers in the security industry. Most people in the security industry are aware of what problems spyware is causing."
Ducklin insists that organizations should pay as much attention to spyware as they do to viruses.
"Spyware is really a form of malicious code which is designed more against the user of the computer than the computer itself," Ducklin said. "Any organization that finds spyware in their network should explore how that spyware actually got there in the first place. Corporates should be paying attention to this."
McAfee marketing director for Asia Pacific, Allan Bell, has heard a lot of complaints from users who have to clean up their machines riddled with spyware.
"Most Australian organizations are struggling a bit with spyware, as a lot of it exhibits virus-like activity," Bell said.
"We classify adware and spyware as potentially unwanted software. The issue for users is that they want to take control of what's on their machines.
"The big issue with spyware is that it's something that's pretty new for a lot of people, and users know what they have to do with viruses, but don't really know when it comes to spyware," Bell said.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.