By: Dwight Brown
A man has been sentenced to jail for using spyware to gain unauthorised access to US government computers.
Kenneth Kwak, a 34-year-old system auditor who had been working on the computer security of the US Department of Education, admitted placing spyware software on his supervisor's PC.
This software enabled him to access emails and other information. Kwak, of Chantilly, Virginia, then shared the information he gathered with others in his office at the government department.
US District Judge Royce Lamberth sentenced Kwak to five months in prison, followed by five months of electronically monitored home confinement. He has also been ordered to pay the US government $40,000 (£21,270), and will be on probation for three years.
"The US Government has adopted a zero tolerance policy regarding intrusions into its computer systems," said Graham Cluley, senior technology consultant for Sophos . "A clear message is being sent out to its staff that hacks like this are not just unacceptable but also criminal.
"Kwak should be thankful that no evidence was found that his hack was financially motivated, as that surely saved him from a stiffer jail term," continued Cluley.
Cluley said this was a timely reminder that organisations should put measures in place to reduce the risks.
These involved not only external attacks by malware and internet hackers, but also of potential problems with disgruntled staff or those with a financial motive in mind.
The annual Web@Work survey, conducted by Harris Interactive for the security firm Websense, found that the number of companies reporting spyware infestations had jumped 50 percent in the last year alone, and now nearly 92 percent of companies report that they have found spyware on their networks (websense).
Spyware is a somewhat loose term, and can mean anything from often innocuous Web cookies to Trojan programs that can hijack a computer.
But more dangerous varieties of spyware are on the rise, said Michael Newman, a vice president at Websense. He told John Gordon of "Future Tense" on American Public Media (futuretense.publicradio.org) that information technology managers were increasingly finding keylogging software on their systems. This "particularly malicious" type of spyware detects every keystroke made on a computer and can pick up passwords and other sensitive information, Mr. Newman said.
Pornography sites are among the most dangerous, with many of them replete with pop-up ads and spyware. The good news is that the number of employees reported to have visited a porn site at work dropped to 12 percent from 17 percent the last year. Of those, 95 percent said their visits to porn sites were "accidental." Whoops!
Meanwhile, SiteAdvisor, the Web safety service recently acquired by the security firm McAfee, reported this week that search engines offered little protection from dangerous sites. This includes paid and unpaid search results. In fact, SiteAdvisor found, sponsored results on average contain two to four times the number of malicious sites as do regular results.
Some of the most popular kinds of searches lead Internet users to dangerous sites, SiteAdvisor reported. Often, the sites offer downloads like file-sharing software and screensavers that contain malicious programs. Up to 72 percent of the results from keywords like "Bearshare" or "screensaver" lead to sites that pose a risk.
A Victory for Spammers Another problem besetting Internet users, spam, may get slightly worse with this week's news that Blue Frog, an anti-spam service offered by the company Blue Security, was shut down after a fatal cyberattack from spammers.
Blue Frog worked like this: Clients would lodge a complaint, and Blue Security would request that spammers stop sending e-mail to the client. If that failed, Blue Security would fill in forms on the spammers' Web sites asking that their clients' names be removed — often crippling the spammers' systems with an overload of data.
Article Source: http://articles-galore.com
Dwight Brown writes about Spyware on his Blog Adware Spyware Remover
Friday, December 14, 2007
You Cannot Outrun The Long Arm Of The Law!
Posted by pipat at 3:58 AM
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment