Target the Source Not the Symptoms to Tackle Spam

According to Internet security vendor Marshal8e6, spam volume can be reduced considerably by pursuing the criminals.

Its recently published report for the second half of 2008 indicates that spam volume surged sharply in 2008 with global spam volume exceeded 150 Billion emails daily. On November 11, 2008, McColo, the San Jose-based Web hosting service provider which was hosting the computers controlling some leading botnets, was disconnected from the Net and spam volume significantly dropped.

On account of its shutdown, spam suddenly declined by more than 50% because these botnets were successfully disabled. Spam volume in the middle of November 2008 was at a record low since mid-2007. But it rose again in December 2008 because several botnets returned back into business and others got additional business.

As per Bradley Anstis, Director of Technical Strategy, Marshal8e6, the teaming up of web security and law enforcement authorities in various nations has proved that by tracking the origins of the global spam threats, spam can be reduced, reported by ITWire on January 28, 2009.

The successful reduction in spam emerging from McColo holds a big promise for the future, stated the security analysts. Unfortunately, operators of the infected botnets were able to get their control servers back online to host their bots at fresh network location, causing spam volume to pick up slightly, but the fall of the Srizbi Botnet establishes that this technique of tackling botnets works very successfully.

But the disadvantage is that the excessive pressure may drive the botnet controllers' deep underground and forcing them to create increasingly complex command and control systems.

Marshal8e6 also said that 2009 is expected to be an eventful and exciting year. As the people progressively carry on their businesses through the Internet, browser flaws will continue to be a main attack vector, with hackers manipulating previous as well as current flaws.

On the basis of observations made in 2008 and the rising reliance on electronic mail and digital communications, it is more crucial to change the tactic from just barring spam emails to striking and blocking the origin of that malware, the firm concluded.

Related article: TRUSTe Certified Websites May Still Contain Malware

» SPAMfighter News - 2/11/2009