Bidding to boost its standing among security companies by acquiring one of the fastest growing forms of computer menace, Trend Micro said today it would buy a privately held anti-spyware firm in a deal worth about US$15 million.
Trend Micro, which is based in Tokyo, Japan, said it would buy InterMute of Braintree, Mass., and would have a product to market by the end of the year that integrates the firm’s spyware-blocking solution into Trend Micro’s antivirus program, which is sold to consumers, small businesses and enterprises.
Trend Micro, the third largest PC-security firm behind Symantec and McAfee, already offers its own spyware program, which it developed in-house. In fact, the company says sales of the spyware blocker made up 10 percent of all 2004 revenues and is growing rapidly.
Changing Customer Needs
Virtually all of the major antivirus companies have rolled out spyware blocking and removal programs of their own, with most scrambling to stay ahead of the changing landscape. Symantec debuted a beta of a new integrated program last month that it said offers beefed up spyware halting technology.
Even firms not always associated with security are recognizing the value of having spyware-blocking capabilities. Late last year, Microsoft announced it would buy closely held Giant Company Software, a startup with a highly regarded solution to stopping spyware from being installed on personal computers.
Trend Micro said its buy reflects the company’s ability to keep up with changing customer needs.
“Spyware continues to evolve and cause concern and damage, but not all spyware can be handled the way viruses and worms are,” Trend Micro CEO Eva Chen said. “Customers need effective solutions to remove spyware but must also be given the flexibility on how to manage it. We expect to deliver combined solutions to market quickly.”
True spyware is installed on a user’s machine, typically without his or her knowledge, and logs, stores and transmits information about that user to a spy, typically by connecting to a Web site without the user’s approval. Information such as credit card and bank account numbers can be stolen that way, leading to identity theft and other crimes of fraud.
However, many security firms take a much broader view of the issue and consider any program that’s installed without a user’s knowledge to be potential spyware. That includes a range of programs such as toolbars and search programs that have recently come under fire. Although those programs usually are not used to collect information about an individual user, they are still considered unwanted code by users, and therefore are something that most security firms are eager to offer protection against.
The convergence of various types of code and the fact that many consumers install programs that follow where they go online and even send that information to third parties — as in the case of some desktop search tools, for instance — makes solid spyware protection a difficult proposition.
Ken Dunham, director of malicious code analysis at iDefense, questioned such software. He told the E-Commerce Times that the vast array of such code makes one-size-fits-all solutions ineffective at times.
“Everyone would love to install one program to do everything, but comprehensive approaches have fallen short because it’s getting increasingly difficult to tell the malicious code from the legitimate,” he said.
Security measures have to walk a fine line when blocking potential spyware and adware because closely related code might simply be part of a Web site’s functionality, he added.
The New Spam
In some ways, analysts say, spyware is now where spam was a few years ago. More robust solutions are emerging for attacking it every day, and at the same time, regulatory and law enforcement agencies are beginning to recognize the problem as it reaches a critical mass among consumers and businesses alike.
A study by Webroot software last year found that the average enterprise in the U.S. had 20 spyware-related programs on each computer in its network.
New York Attorney General Eliot Spitzer recently grabbed headlines by filing a lawsuit against Intermix, charging the marketing firm with installing spyware and adware onto the machines of users who visited some of its sites.
Since then, speculation has grown that other firms might face charges from Spitzer. Meanwhile, anti-spyware legislation is already in the pipeline on Capitol Hill.