I think we can all agree that pups, the friendly, loyal, man’s-best-friend kind are cute and lovable and make everyone smile. PUPs, aka potentially unwanted programs, not so much. PUPs are usually distributed as part of a bundled free software package and despite the claims of free software developers that PUPs benefit users, they are at best annoying and at worst a threat. The ‘unwanted’ part of the name ‘potentially unwanted programs’ should make that pretty clear. Some PUPs, for example, will create new toolbars for shopping sites in your web browser, or change your search provider, or even intentionally slow down your computer so you’ll be tempted to buy the tools for speeding up your computer that they later start advertising. Other more malicious PUPs have been known to distribute applications for spying, for performing denial of service attacks, and for mining cryptocurrency. Not so beneficial now, are they? And they’re prevalent:
ReasonLabs, which has one of the most powerful AV engines in the industry, RAV Endpoint Protection, reported over 18 million PUPs in the month of September of this year alone and recently listed PUP.Web companion, PUP. Ask, PUP. Browser plugin, PUP.Generic and PUP.Mindspark as top malware threat families. It’s not just a consumer problem either; PUPs threaten the cybersecurity of businesses too. Once installed, they can take up massive amounts of bandwidth, CPU, disk space, RAM etc., and worse, are frequently used by hackers to steal data or spy on company activity. To respond to this growing nuisance/menace (take your pick which word you want to use), some small business antivirus wisely offer protection from PUPs.
But if they’re unwanted, how do PUPs get installed on a system in the first place?
When we buy a computer or computer hardware, or when we purchase a software program, we often get along with it, bundled software. Many of the software in these bundled packages are valuable and necessary such as operating systems, utilities, and applications, but many are not. Nor are they necessarily related or complementary to the software that is wanted by the user. For example, you might see a search toolbar bundled with an MP3 player or a word processor bundled with a file-sharing application.
Everything clear as San Francisco fog now? Wait, it gets worse
PUPs exist because developers of free software are paid to bundle third-party software with their software. This third-party software gets downloaded by users who unknowingly agree to download it with the bundled package. They agree unknowingly because they race through the end-user licensing agreement (EULA) of the wanted software and hurriedly click on all of the ‘accepts’ just to finish the installation process quickly. Hidden within this bundled software can be spyware, browser hijackers and other software that can cause problems like slowing down your computer and stealing sensitive data. Since the bundled software is included in the installer file of the software that the user wants, once the EULA is completed, everything gets downloaded together. And voila! The PUPs are on the PC and the software developer is protected from legal action because of the signed EULA.
How can businesses protect themselves against PUPs?
Businesses can protect themselves from PUPs by carefully reading Wizard instructions to catch unwanted programs that will be installed and by using customized installation settings rather than default settings. In addition, software should only be downloaded from trusted sources. Adware and PUPs are often disguised as legitimate programs, so users have to be savvy and knowledgeable about the software they are downloading and the sites they’re downloading them from. First and foremost, however, businesses should install antivirus software with unwanted software blockers that automatically uncheck unrelated software offers. Unwanted software blockers can save users time and catch PUPs that might otherwise get through, and which might contain malicious files.
Back to this post’s title about why business need unwanted software blockers… We can confidently state that PUPs have the potential to compromise privacy or weaken a computer’s security. We also know that they eat up system resources and can threaten the cybersecurity of businesses. Some PUPs, for example, will install a root certificate on a computer that allows hackers to access private data without the user ever being notified. Root certificates like these and other programs installed by PUPs can make computers vulnerable to serious cyberattacks, and sometimes all it takes is one successful breach to bring a business, especially a small business, to its knees.
Finally, we know that it’s not enough that businesses protect themselves from malware; they need to protect themselves against PUPs too. Powerful and effective unwanted software blockers are the best form of protection against PUPs. They can automatically uncheck agreements to download unrelated software offers that come as part of a bundle and they can warn users when an installer tries to covertly download potentially unwanted and potentially harmful programs. Considering that the amount of malware created is expected to continue to grow and that potentially unwanted programs will continue to target systems and pose greater and greater threats, it becomes abundantly clear why small businesses need an unwanted software blocker.