Desktop search 'a likely target for malware'

Summary:Companies should not deploy a desktop search tool without first considering the security implications because they could end up helping virus writers, say security experts

Desktop search tools, such as those recently announced by Google, Microsoft and Yahoo, are designed to make it easier for users to find information stored on their hard drives. However, security experts are warning that virus writers could use the new tools to make their malware more efficient.

Foad Fadaghi, senior industry analyst at Frost & Sullivan Australia, said that most viruses are designed to harvest email addresses and other personal information from an infected system. He warns that, because desktop search tools can index and categorise that information, virus writers are likely to start exploiting the technology.

"Desktop search products are very efficient at harvesting data, so it wouldn't be surprising if exploits are sought by malicious coders. Any software that can index and capture data on a users PC will be subject to virus and Trojan exploits. It is just a matter of time," said Fadaghi.

Neil Campbell, the national security manager of IT services company Dimension Data, said that any change in the desktop environment can create new security vulnerabilities, so when companies decide to adopt a new product they should look beyond the user benefits.

"It sounds like great technology but don't deploy it without considering the security implications. With any new product area there is a need to consider security," said Campbell.

According to Campbell, virus writers are unlikely to start targeting the new tools immediately -- but only because they are not common.

"It is not going to be in the virus writers best interest to target them immediately. I would expect the spread of a virus to be inhibited because of the low take up rate -– at least to start with," said Campbell.

Viruses have already used Internet search engines to harvest email addresses. In August, a MyDoom variant pumped so many queries into Google that the search engine was unavailable or very slow for large periods of time. The same variant of MyDoom also succeeded in knocking a number of smaller search engines -- including Lycos and Altavista -- off the Web completely.

At the time, Graham Cluley, senior technology consultant at antivirus firm Sophos, said he expected virus authors to continue manipulating search engine technologies.

"You don't have to be psychic to predict the release of more worms trying to scoop up email addresses from search engines. Unfortunately, we expect to see other worm authors trying similar tricks in the future," said Cluley.

Dimension Data’s Campbell said that if companies do choose to deploy desktop search tools, they should take extra care to ensure viruses do not get a chance to execute on the desktop.

"You need to consider these issues once the virus has infected your PC but more importantly companies should prevent the virus from executing. Make sure the PCs are up-to-date from a patch and antivirus perspective and loaded with a personal firewall," said Campbell.

Munir Kotadia reported from Sydney for ZDNet Australia. For more ZDNet Australia stories, click here.

Topics: Security

About

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.Munir was recognised as Austr... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.