Article - Spyware Danger Level Estimation
In the vernacular of Homeland Security, the spyware "threat level" is somewhere between Elevated and High. If your business operates in a regulated environment, place the threat level between High and Severe. Consider these threats:
Disclosure of sensitive or regulated information.
Spyware that tracks browser activity doesn't distinguish between intranet or Internet requests. Hyperlinks, browser histories, favorite lists, and cached Web form data can contain business records, proprietary information, trade secrets, credit card and personal data, medical and financial data, and account passwords, which may be abused by the collection agent or sold to third parties.
Users may fall victim to felony-class criminal acts.
Keyloggers reveal sensitive personal and company information, including passwords, credit card and financial information, and potentially embarrassing personal information. An intercepted Webcam stream might reveal embarrassing activities. The opportunities spyware creates for fraud, identity theft, and personal or business-targeted extortion should be taken very seriously.
Loss of productivity.
Spyware steals CPU and bandwidth while it is running. Spyware isn't the best-written software in the world and commonly causes system instability and the dreaded blue screen of death. Spyware removal is often non-trivial, disruptive, or destructive. Some spyware remains on your system after you have uninstalled the freeware, and some might reinstall itself if not entirely removed. If spyware extensively infests your network, you can spend as much time repairing and remediating systems as you would follow a virus incident or backdoor attack.
System and Network Intrusions
The information collected by trackers, miners and RATs is gold for any attacker engaged in an information gathering expedition, which is the preparation stage in a targeted attack. Hosts identified in hyperlinks and system configuration information help attackers map networks and services. Some organizations (unwisely) transmit account names and passwords in plain text across intranet links. Need I say more?
Tarnished brand image and loss of business.
Your company can be affected by spyware, even if every computer you operate is spyware-free. If hijacking spyware victimizes your company, you'll lose sales opportunities when users are redirected away from your site, to a competitor. Hijacking spyware has also been used to scam companies who pay fees for advertising referrals. A disreputable ad company, hired to drive traffic to e-merchant sites of its patrons, might embed spyware in a "must have" toolbar. The spyware replaces the user's default search engine, and sends users to pages of its patrons, even when they are not a suitable match. The patrons pay for these contrived referrals but often do not derive the expected revenue per click-through.
Exposure to litigation.
Some employees may react strongly to the delivery of objectionable, especially sexually explicit advertising, and may respond by claiming sexual harassment. Whether the claim has merit or not, the publicity, court time, expense, and loss of credibility can be more than your company wants to deal with.