Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Spam volumes grew 6 percent last year, says Google

Security researchers must find new ways to battle spam, according to Google's Postini mail filtering division

Despite security researchers' efforts to cut spam down to size, it just keeps growing back. The volume of unsolicited email in the first quarter was around 6 percent higher than a year earlier, according to Google's e-mail filtering division Postini.

Security researchers have won a few significant battles against the spammers in the last year, first against those hosting the spammers' control systems, and later against the control systems themselves, but they will have to change tactics again if they want to win the war, Google said in a posting to its Enterprise blog.

These days, spammers typically contract out the business of sending messages to a botnet operator, who controls a group of malware-infected PCs. There are dozens of botnets of varying sizes, each typically looking to a different command-and-control server for its instructions.

In the first half of last year, security researchers concentrated their efforts on identifying the ISPs or hosting companies that allowed these command-and-control servers to operate, and shutting them down. The success of that tactic was short-lived. It took a little less than a month after the shut-down of ISP 3FN for spam sent to the 18 million business users of Google's Postini service to return to its previous level, while the closure of Real Host affected spam levels for only two days: the botnet operators quickly found new homes for their servers and reprogrammed their botnets.

Security researchers soon switched their attentions to the botnet command-and-control servers themselves, infiltrating them and preventing the botnet from receiving new instructions. However, the closure late last year of Mega-D, a botnet of 250,000 PCs, and the crippling early this year of the Waledac, Mariposa and Zeus botnets, has had little effect on spam volumes, with spammers simply turning to another botnet to deliver their e-mail, Google said.

Those successes meant that the volume of spam fell 12 percent from the fourth quarter of 2009 to the first of 2010, although levels remained higher than a year earlier.

One reason Google identified for that year-on-year growth was that the botnets pushed out a higher volume of virus-laden spam in the second half of the 2009 than in the first half (3.7 percent compared to 0.3 percent), with a peak in the fourth quarter of up to 100 million virus-infected messages a day. Many of the machines infected by those viruses would have been recruited to join the botnets, Google said.

While Google didn't suggest where security researchers ought to strike next, others have named the target. If hitting rogue hosting companies doesn't help, and beheading the botnets is limited in effect, then the next logical step is for ISPs to target the PCs that make up the botnets, blocking the TCP/IP ports through which they send e-mail and notifying their owners that they need cleaning up, according to Trend Micro CTO Dave Rand.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Google, Mariposa, Microsoft, Postini, Rand, Trend Micro
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Google, spam
Latest Blog Posts
Whitepapers
  • Beverage Distributor Virtualises Data Centre: A case study
    Low cost servers, used for applications such as sales force automation and workgroup collaboration, had contributed to server sprawl, causing the data center to outgrow available power and cooling capacity. Server virtualisation helped but had begun to slow network performance. “We wanted 10 Gigabit Ethernet connectivity without the expense of building a new data center,” says Rory Regan, network and telecom manager, Coca-Cola Bottling Company Consolidated. “We decided to build a new data center network that would continue to work with our existing servers and storage as we gradually migrated to a unified fabric.” Read this case study
    Learn more »
  • SOA and Business Processes: Making the Connection
    Service-Oriented Architecture (SOA) is also complex, and one of its main characteristics is that an SOA system is comprised of multiple applications that are combined to accomplish critical business processes. Discussions of SOA can quickly grow so complex that the system’s main benefits to an organization are difficult to fully understand. This article discusses SOA Suite 11g, a family of products that take SOA to a new level and correct some of the problems caused by the very combination of components and multiplication of languages that make SOA a flexible, agile system.
    Learn more »
  • Top 10 Mistakes in Data Centre Operations: Operating Efficient and Effective Data Centers
    For years, the data centre industry has accepted that human operational error, not poor data centre design or engineering, is the number one cause of data centre downtime. Now is the time for companies to evaluate their data centre operations programs. They must be able to clearly articulate operational requirements and design an operations program based on the risk profile of the data centre. However, the road to creating an industry-best operations program will not be easy, especially for those companies whose core expertise is not in business critical facilities. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments