The Business threat from Spyware
Reader stats
Article rating
No ratings yet
Reader rating appears publicly after enough eligible article ratings.
Rate this article
Sign in to rate this article.
Spyware Identification and Some Simple Solutions
Anthony Ricigliano Spyware is generally encountered in three major distinctive forms: Hardware, firmware and software. All three types have various characteristics which can make defeating spyware difficult.
Hardware Spyware
An example of hardware spyware is the unique identification number of an Intel Pentium or later class of CPU. This number can be used to specifically identify any CPU. When combined with appropriate software, this number can be directly linked to an IP address and the precise location – if not the exact user – can be determined. The solution for this problem is using computer motherboards with BIOS setting that are capable of disabling access to those numbers. The solution for hardware devices can be complex, as most firmware and hardware is designed not to be detected nor disabled.
Firmware Spyware
Anthony Ricigliano Firmware Spyware is semi-permanent software running at the machine hardware level. The BIOS CMOS chip is where it usually resides. Most is relatively innocuous; however, someone with malicious intent can replace the BIOS with a custom-made copy which can contain code to enable access to the computer. The best defense is to use factory-authorized and distributed firmware.
Software Operating System Spyware
Software spyware can exist in either the operating system or in applications. An example of operating system spyware was the recent disclosure of an operating system file that was inaccessible to casual users that recorded the GPS locations of where the device was physically located through its existence. The Apple iPad tablet and other similar PDAs used similar technology. After the spyware was brought to the public’s attention, the manufacturer quickly released a patch to the operating system that disabled the file.
Applications Spyware
This is code embedded within a program which can track and report a user’s activity. Typically, a file is generated within the application’s limited access areas, however, cookies can also be generated such that when the device is online, the recorded data – often in an encrypted form to hide its nature – can be accessed with ease. In theory, the EULA is supposed to disclose any use of data derived from use of an application, however, the legal wording is tedious to follow and it is almost universally ignored by the user installing the application. There are a number of spyware scrubbers available for retail sale that can clean up residual traces of activity and help ensure some modicum of privacy. But, as with any other software backup system, it is only good when it is regularly and routinely run.
The Business Challenge
Awareness and education are the critical components of fighting spyware. It is insufficient to simply install a software application and rest assured in the knowledge that the computer is protected. It is not. It would do absolutely nothing to prevent a spy from installing a wireless hardware keystroke logger into a keyboard and downloading a complete log of all of the keyboard activity on demand and by remote control. Passwords, account numbers, sensitive corporate data all would be compromised. Physical security, situational awareness and constant vigilance are a business’s best and only adequate defense.
Article author
About the Author
Further reading
Further Reading
Article
What to Consider When Adopting Multi-Tenancy in Kubernetes?
Organizations are starting to scale their cloud native operations. And as they do, the inefficiency of managing dozens of isolated clusters has become an evident problem. As the clusters continue to sprawl, businesses must unite diverse workloads onto shared infrastructure. This is because companies need better resource utilization and centralized governance among other things. But it is imperative to remember that going from a single tenant to a multi-tenant environment need
March 12, 2026
Article
Product Engineering Services: Driving Faster Development for Startups
It has been for everyone to see the short product lifecycles and a pressing need for rapid technical scalability that have come to define the modern startup ecosystem. For early-stage companies, the challenge is no longer just conceptualizing a solution. But they must also carry it out with enough precision to withstand high market volatility and fierce competition. We know that internal teams concentrate on core business strategy and fundraising. That still leaves us with th
March 12, 2026
Article
Why Modern Facilities Rely on Environmental Monitoring and Remote Temperature Probes for Compliance and Control
In today’s regulated and data-driven environments, organizations are under constant pressure to ensure that temperature and environmental conditions remain within defined limits. Even small fluctuations can result in product loss, compliance violations, or operational downtime. As a result, many facilities are moving away from manual checks and standalone sensors and adopting comprehensive environmental monitoring solutions instead. An environmental monitor provides rea
March 5, 2026
Article
Role of Data Warehousing in Ensuring Data Quality and Consistency
Organizations have come to rely heavily on large amounts of data in today's competitive markets. But to what end? For starters, to inform strategic decisions and power machine learning models. It goes without saying that the value of these digital assets is completely dependent on the accuracy of the underlying data. So, when data is fragmented or inconsistent across departments, you will obviously have inaccurate reporting and operational inefficiencies at your hands. This c
March 2, 2026