Spammers Take Hit From Law Enforcement, ISPs

June 30, 2009
By Paul Korzeniowski


Spam volume impacting small and midsize companies has dropped this year due to vigorous enforcement by crime busters and Internet service providers. But the effects are already fleeting and SMBs must stay on guard.


Fighting spam has been a tedious, ongoing challenge for small and medium businesses. Finally, this year saw some good news: the volume of spam dropped by 20% in the first quarter of 2009, and law officials and Internet Service Providers (ISPs) should take a bow for their work in shutting down a few notorious Web sites.

McAfee reported that the volume of spam dropped by 20 percent in the first quarter of 2009 to hit its lowest level since 2006. While many factors contribute to the rise and ebb of spam, the shutting down of a couple of major rogue Web hosting sites in late 2008 seemed to play a significant role in the decline.

In September of last year, a team of cybercrime experts identified Intercage, which was based in San Francisco, as a "major hub of cyber crime." They found that 78% of the domains and mail servers on Intercage's network were hostile, basically launching points for various types of malware. A short while later, the company's ISP cut off its service. In November, ISPs closed down the notorious McColo spam-generating site, which was based in San Jose. Without places to launch their malware, some criminals were put out of work -- at least temporarily -- and the volume of spam generated declined dramatically.

The good work has continued -- and moved up the food chain. Earlier this month, the FTC shut down Pricewert LLC, considered the "worst ISP in the United States."

A New Kind Of Cybercriminal

Such actions have had a major impact on spam activity because the profile of the typical hacker has changed in the last few years. While the practice continues to attract maladjusted adolescents and adults, they are not the group creating most of the havoc. That work has been taken over by organized crime gang members.

Many of the mobs are based in Russia and East Europe, but they have been joined by various Chinese and U.S. crime rings. Rather than rail against the inefficiency of Microsoft's products, illustrate their superior programming skills, or just annoy others, these groups hack because it offers them more potential benefits and fewer risks than crimes like loan sharking, drug dealing, and prostitution.

These cyber gangs rely on sympathetic or oblivious ISPs to launch their increasingly dangerous malware, deluge users with spam, and perpetrate identity theft. Their operations have become so large and complex that some think that a few dozen groups generate as much as two thirds to three quarters of the Internet's spam, which is pretty impressive since about 100 billion messages are sent on the Internet every day and spam has generally been estimated to account for 90% or more of this traffic.

Crime Busters Get Smarter

Law enforcement agencies have been working with various Internet watchdog groups, such as Spamhaus, to identify the criminals, shut down their base of operations, and force them to find other ways to pester civilians. The process has been successful. The take-down of McColo's site resulted in a 75% decline in connections to security supplier Sophos's spamtrap mail servers the following day.

When the shutoffs were made last fall, some observers thought that the impact would be minimal and spammers would be back online in a few days. However, the process has not been so simple. Once knocked offline, the criminals are forced to find another ISP willing to house crime-friendly hosting sites.

This task has become more difficult because American ISPs now realize that housing spammers may end with them being blacklisted (basically shutting down their businesses). Many have stopped working with such shady enterprises and the crooks seem to be having a bit of trouble finding new launch sites. Perhaps a few have even become so discouraged that they turned their attention elsewhere. As a result, the volume of spam invading small and medium businesses' inboxes has dipped, and stayed down for longer than expected. Ideally, the various parties can work together, knock other criminal sites offline, and reduce the volume of spam.

The changes have been helpful, but the process is not foolproof. After the dramatic drops, the amount of spam generated gradually began to increase. And there's evidence that the bad guys are getting better at finding alternatives.

The progress in limiting the number of crime-supporting ISPs in the U.S. has hurt spammers, who like to be based in developed countries because they can get more reliable connections, among other reasons.

But they don't need to be here, and there are plenty of places around the world that are more than happy to take the spammers' money, no questions asked.

Perhaps that helps explain how despite the Pricewert takedown, spam network Cutwail was able to regain a third of its spam-generating volume within hours, according to bMighty security blogger Keith Ferrell.

But don't lose heart. Sure, in the battle to thwart spam, too many of the victories have gone to the bad guys. The good guys may not have won the war, but at least some of the battles are starting to go our way once in a while.


Paul Korzeniowski is a Sudbury, Mass.-based freelance writer who has been writing about networking issues for two decades. His work has appeared in Business 2.0, Entrepreneur, Investor's Business Daily, Newsweek, and InformationWeek.
