The audit represents the first comprehensive analysis of the presence of spyware within corporate networks. Conducted by Webroot using its Corporate SpyAudit tool, the opt-in audit program was designed to scan enterprises for various forms of spyware. The Corporate SpyAudit scanned more than 10,000 systems, representing more than 4,100 companies and discovered an average of 20 pieces of spyware per corporate desktop computer. The most concerning result is the rate of malicious spyware infections. On average five percent of the PCs scanned had system monitors and 5.5 percent had Trojan horse programs, the two most nefarious and potentially malicious forms of spyware.
"The enterprise offers a bounty exponentially larger than what the everyday consumer's PC might surrender to a spyware program," said Richard Stiennon, Webroot vice president of Threat Research. "Everything from customer information to payroll details to product specs and source code are all potential spyware targets. And beyond the potential theft of sensitive information, more benign forms of spyware, like adware, lead to increased bandwidth consumption and decreased employee productivity."
Released on October 7 as a free tool, the Corporate SpyAudit analyzes individual corporate desktops and provides a real-time report of spyware programs hiding within enterprise networks. The Corporate SpyAudit is modeled after the hugely successful consumer SpyAudit program launched earlier this year in conjunction with Earthlink, which has already performed more than 3,000,000 consumer PC scans.
Spyware is a rapidly proliferating type of software that may track online and/or offline PC activity and is capable of locally saving or transmitting those findings to third parties often without a user's knowledge or consent. Until recently, the enterprise was thought to be virtually impervious to spyware attacks because of the false belief that corporate-level anti-virus and firewall mechanisms provided adequate protection against this new threat. That notion has changed as many enterprises have fallen victim to spyware as hackers have realized the massive economic potential corporate networks present.
The initial Corporate SpyAudit results chart the overall number of scans and also the initial figures for each of the defined spyware categories from October 7, 2004 to December 1, 2004. Moving forward, Webroot will chart the figures for each category and the percentage growth over the previous month's results.
- Total Number of SpyAudit Scans: 10,305
- Total Number of Distinct Audits: 4,104
- Average Instances of Spyware per Scanned Desktop: 20
- Average Adware Installations per Scanned Desktop: 2.5
- Average System Monitor Installations per 100 scans: 5
- Average Trojan horse Installations per 100 scans: 5.5
To further inform businesses about the dangers of spyware, Webroot it is continuing to offer its spyware detection program, Corporate SpyAudit, for free download. SpyAudit will provide a detailed report in minutes and is available to all Internet users.
