Highlights
– Spam levels are up 4.9 percent since December 2008, to approximately 74.6 percent of all e-mails circulating on the Internet, after the shutdown of junk mail-friendly ISP McColo
– Botnets continue to send large quantities of spam
– Quicker and more effective methods of discovering large botnets and promptly taking them offline will be needed to effectively fight spam operators
According to two reports released on January 26, 2009, the amount of spam circulating on the Internet has increased 156 percent since the shutdown of the Internet Service Provider (ISP) McColo, an infamous junk mail-friendly ISP, in November 2008. According to MessageLabs, a subsidiary of security vendor Symantec and a provider of integrated messaging and web security services, spam levels are up 4.9 percent since December 2008 to approximately 74.6 percent of all e-mails circulating on the Internet. This number is in stark contrast to the drop in spam levels experienced after computer security analysts and a Washington Post report convinced the ISPs providing McColo with data connectivity to disconnect it from the Internet because of the large number of botnets (groups of compromised computers typically configured to send spam) being controlled from the ISP. According to data compiled by MessageLabs, spam levels dropped to around 58 percent after McColo was taken offline, but quickly rose to 69 percent in December 2008, as new botnets came online and existing botnets were instructed to churn out more spam to keep pace with the competition.
The quick increase shows that criminal spam rings are able to adapt quickly to attempts by commercial businesses or law enforcement agencies to shut down their operations, and that they are constantly analyzing the commercial anti-spam methods and technologies offered by security software companies so they can alter their techniques and malware to keep their messages flowing into users’ mailboxes. In the long term, we expect those designing spam messages to increase the sophistication of their technical and social engineering techniques in an effort to dupe more Internet users into purchasing bogus products or services or following hyperlinks that download and install malware onto their computers.
Botnets Continue To Send Out Large Quantities Of Spam
When upstream data providers cut off Internet connectivity to McColo last fall, several botnets, including the Srizbi botnet, which was blamed for sending a large proportion of the world’s spam, were taken offline. Since then, other botnets such as Mega-D have picked up the slack. Mega-D consists of an estimated 660,000 compromised personal computers (PCs) and each one is estimated to be sending out 589,402 spam messages per day. At this rate, the Mega-D botnet alone is sending out 38 billion messages per day, making it one of the biggest spam contributors on the Internet.
Providers of residential and business Internet access are developing techniques and implementing technology to combat compromised computers that are spewing spam on their networks, but they have to change their tactics constantly to outmaneuver the spammers. Spamhaus, an anti-spam organization that tracks e-mail spammers and spam-related activity and provides three widely used anti-spam domain name service (DNS) blocklists, stated that it is in the process of tracking which ISPs are hosting the command-and-control servers for some of the world’s top botnets. The group hopes to use this information to approach ISPs whose networks are being used by spammers and get these ISPs to voluntarily terminate connectivity to these botnet operators. In the long term, we believe this method, along with successful law enforcement, will be the most effective in curtailing the creation of large botnets to send spam.
Outlook
According to the report released by MessageLabs, spammers are expected to increase their reliance on botnets in 2009. The report stated that spammers are leveraging current news events, and even the economic downturn, to lure Internet users into purchasing their products or services or downloading malware onto their computers. On January 15, 2009, the United States Computer Emergency Readiness Team (US-CERT) issued an advisory stating that it had received reports of new junk mail campaigns and phishing sites related to the inauguration of President Barack Obama. In addition, the MessageLabs report found evidence that spammers are using the current economic crisis to dupe users into clicking through e-mails sent by get-rich-quick schemers and bogus goods and services companies. Spammers are even using fictitious shipping tracking forms and fake news stories to lure users into following malicious hyperlinks to websites that are hosting malware.
According to a study conducted in 2007 by Nucleus Research Inc., spam management costs U.S. businesses more than $71 billion annually in lost productivity. As businesses struggle to keep out of the financial red in the current global economic crisis, they will also have to deal with the plague of spam that undermines the effectiveness of e-mail, a timely, cost-effective, and extremely important method of communication in the business world. It will be important for security experts, politicians, and agencies charged with enforcing anti-spam laws to find effective methods of curtailing the spread of spam on the Internet, lest struggling businesses and governmental entities be stuck paying the enormous costs associated with fighting a seemingly relentless barrage of wasteful digital mail.