Spam and Botnets Litter E-Mail Usage

According to a recent report from Symantec's MessageLabs, an average of 87.7 percent of e-mail delivered is spam, up 6.5 points from 2008's 81.2 percent. That equates to 107 billion spam messages delivered globally every day, most coming from compromised computers. MessageLabs provides hosted e-mail and Web security services.

The shutdown of botnet-hosting service providers such as McColo in late 2008 and Real Host in August 2009, according to the "MessageLabs Intelligence 2009 Security Report," has pushed cyber criminals to re-evaluate and enhance their command and control backup strategy. Their goal: to recover from a major shutdown in hours, rather than weeks or months. Symantec's security researchers predicted that in 2010 botnets will become autonomous, with each node containing an internal means to recode itself in order to coordinate and extend its own survival.

Heavyweight botnets, including Cutwail, Rustock, and Mega-D, now control 5 million compromised computers. The first of those--Cutwail--was responsible for issuing nearly a third of all spam. Another, the Bredolab Trojan, gives the sender complete control of the target computer to deploy other botnet malware, adware, or spyware onto the victim's computer. By October 2009 Bredolab had circulated through about 3.6 billion malware e-mail messages, according to Symantec.

The most concerning security threat monitored this year, according to the company, was Conficker/Downadup, a worm created in November 2008 that allows its creators to remotely install software on infected machines. An update to the malware in April 2009 provided functionality that enables it to better evade detection. According to the Conficker Working Group, a consortium of vendors and other organizations, Conficker is of particular concern because it hasn't yet been determined how the infected machines will be used. Microsoft made headlines in February 2009 for offering a bounty of $250,000 for the identity of the people responsible for creating Conficker, which exploits a Windows server service.

"2009 was the year that the threat landscape sharpened its skills, rather than just relying on large spam runs and malware attacks. We intercepted more variants with increased sophistication, efficiency as well as improvements in technology," said Paul Wood, senior analyst with MessageLabs. "We stopped more than 21 million different types of spam campaigns in 2009, more than twice the amount seen in 2008, and saw a 23 percent increase in malware variants year-on-year. The significant increases suggest that, thanks to the increased availability of specialized criminal toolkits, it was easier to create, distribute, and use spam and malware than ever before."

Another major challenge in 2009 was driven by the mass adoption of shortened URLs for use on social networking and micro-blogging sites. These can disguise the true Web site a visitor will link to, making it harder for anti-spam filters to identify a given message as spam.

Finally, CAPTCHAs (or "completely automated public Turing test to tell computers and humans apart") have taken their share of hits. CAPTCHA-breaking tools have surfaced, allowing cyber criminals to get past this automated barrier for proving the user is a real human being and letting them create high volumes of real accounts for Web mail, instant messaging, and social networking Web sites. A new type of business has emerged that uses people specifically to interpret and enter the CAPTCHA text. According to Symantec's research, each worker can be expected to receive $2 to $3 per 1,000 accounts created; accounts are then sold to spammers for around $30 to $40. Some major Web sites that rely on CAPTCHAs are considering new forms of tests, such as large libraries of photographic images, in which the user must be able to analyze or interact with the image in a way that would be very challenging for a computer program.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.
