Corporate keylogger infections up 50 percent

Organisations may have the best antivirus, anti-spyware and firewall software, but it hasn't stopped a growing epidemic of spyware

The number of companies reporting spyware infestation has increased by just under 50 percent over the past 12 months, according to a survey released by Internet security specialists Websense.

According to the annual Websense Web@Work survey, published on Tuesday, 17 percent of companies with more than 100 employees have spyware — such as a keylogger — on their network.

"This is almost 50 percent growth in the instances of keyloggers that organisations are reporting back," Joel Camissar, country manager for Websense said. "Despite the organisations having a best of breed antivirus, anti spyware and firewall, we are still detecting a huge amount of backchannel spyware communication".

One reason for this growth in spyware infestation is a massive increase in the number of spyware-making toolkits being sold online, said Camissar, who referred to some research that was conducted in partnership with the Anti-Phishing Working Group, earlier this year.

"In April 2005 there were 77 unique password stealing applications. In the latest March report there were 197. Unique Web sites hosing keyloggers in the same timeframe have gone up from 260 to 2157 — almost a 10 times growth," said Camissar.

The survey also discovered that survey respondents did not have much faith in their staff being able to distinguish between genuine and phishing Web sites.

"Forty-seven percent of IT decision makers said their employees have clicked on phishing emails and 44 percent believe employees cannot accurately identify phishing sites.

"I am surprised that the results are not showing a larger growth in the number of organisations hit by this kind of threat," added Camissar.