Spam - 30 years on

04/07/2008

 

May 3rd 1978, a marketer for Digital Equipment Corporation named Gary Thuerk, sent an unsolicited e-mail invitation to an open house event for the newly released DEC-20 computer.

Gary Thuerk’s message was sent over Arpanet, the closed research network that was the forerunner of what we now term as the Internet. During this time US Defense Communications Agency (DCA) ran the Arpanet and viewed the e-mail as a breach of their “acceptable use policy”. The Acceptable Use Policy limited Arpanet use to that which supported research and education. A call was placed to Thuerk’s boss who was reprimanded for his actions.

Now 30 years on from the first unsolicited “Spam” e-mail, Dr. James Blake, Product Manager of unified management company Mimecast looks at where we stand today, what threats are round the corner and the challenges as we move forward.

Fast forward 30 years and today’s Internet has no central enforcement authority. Instead we have been experiencing a growing global Spam problem in the last decade that has been relentless in its growth and now accounts for most of the e-mail traffic on the Internet. We’re actually aware of this as we process millions of e-mails an hour on behalf of customers and are engaged in a constant cat-and-mouse game with the spammers. It’s a war that sadly looks like never ending and I wonder if Mr Thurek had foreseen this? I very much doubt it. For the billions of e-mail users worldwide, Spam is an annoyance and distraction that can very quickly be adapted to deliver social engineering attacks as well as spreading viruses and hacking threats throughout the Internet. Indeed, it is recognised as the preferred vehicle of attack by hacker gangs throughout the world.

However, Spamming makes economic sense, with the cost of sending a single message on the Internet being practically zero. It is especially effective when utilising thousands of computers that have been compromised by malware that are then linked together to form a botnet. Even if only 1 in 100,000 e-mails results in a sale, or infection, it represents an effective, if annoying and disruptive, distribution medium.

The security industry continually comes up with innovations to reduce the burden of spam, one example of this is the ‘capatcha’ - those scrambled up characters you have to type when signing up for an account on the Internet. The capatcha is a test designed to ask the user to perform tasks that only a human can complete.

The whole arms race continues, with moves afoot to implement capatchas that now include some form of thought processing, such as the picture of 5 animals which asks the user to click on the cat. How long is it before spammers are able to use image analysis? Their engineering skills are impressive, their criminal backers are very wealthy and they have found the perfect tool to help them make money from silent attacks, from geographically dispersed locations, which in effect making them almost untouchable. Several suggestions have been made to solve the issue, from a ‘postage cost’ per e-mail sent, to requiring all senders of e-mail to authenticate themselves. These suggestions breach the foundations on which Internet e-mail runs upon - “a free and open channel” that requires no established relationship between communicating parties.

It is not just spam that inconveniences the user, the mitigation solutions do too. False positives categorise legitimate e-mail as spam and quarantined e-mail needs to be sorted through and checked. So the challenge as we move into the third decade of spam is to continue the arms race and remain one step ahead, while minimising the impact on the user of e-mail systems.

Read more on Dr James Blake’s Blog www.mimecast.com/blog.

To further highlight the issues around Spam and requirements for protection McAfee recently embarked on a global experiment - S.P.A.M. (Spammed Persistently All Month) engaging fifty volunteers around the World to say “yes” to a diet of Spam for 30 Days.

The volunteers ranging from homemakers, executives and students to retirees - surfed the Web, making online purchases and registering for promotions. Participants were provided with a clean laptop without Spam protection and a new e-mail address. With a proven link between Spam and cybercrime, the experiment aimed to show the devastating effects of Spam.

To view the daily progress of theS.P.A.M. Experiment and read reports from the participants, visit www.mcafee.com/spamexperiment

The first ever can of SPAM® was produced in 1937 by Hormel Foods in Austin, Minnesota, and they’re still going strong.

It’s important to make the distinction between Spam and SPAM®. One being a can of precooked meat, the other being unsolicited junk e-mail.

It’s a bit tricky after 30 years of Spam to get the world to adopt a new word for unsolicited junk e-mails though. The word has become too widely accepted, and the chance of successfully getting a new word into circulation is zero.

Spam has become a huge burden on the internet, and big business for the Spammers. Experts reveal that 92.3% of all e-mail sent during the first three months of 2008 was Spam. In addition, during this period, Sophos found 23,300 new spam-related web pages every day, or one about every three seconds.

The top ten Spam-relaying countries are as follows:
January to March 2008
1. United States 15.4%
2. Russia 7.4%
3. Turkey 5.9%
4. China (incl HK) 5.5%
5. Brazil 4.3%
6. South Korea 4.0%
7. Poland 3.8%
8. Italy 3.6%
9. Germany 3.4%
9. United Kingdom 3.4%
Other 36.8%

Asia and Europe account for 65% of the world’s Spam. Swarms of financially motivated criminals are controlling botnets in Asia and Europe, as well as the Americas.

The simple fact is that if people didn’t respond to Spam, if they didn’t buy the goods, or invest in the pump and dump stock, most of the Spam would soon dry up. If you want to fight Spam - stop helping the spammers make money out of it, resist the urge to buy goods and put the Spammers out of business.

Softcat’s vendor partners have best of breed solutions to combat Spam and secure networks. Their solutions are detailed in brief below.

Sophos E-mail Appliances, part of E-mail Security and Control, deliver compact, intelligent and easy to manage protection for e-mail networks.

Innovative technologies protect against viruses, spyware, Trojans, spam and evolving e-mail-borne threats, and prevent information leakage. The management console offers easy control of the e-mail gateway, providing an instant view of system performance. Comprehensive reporting enables better strategic management of the messaging infrastructure. Maximum uptime is ensured by built-in redundancy and automatic system maintenance. Sophos appliances communicate with Sophos every five minutes, automatically receiving anti-virus and anti-spam updates and reporting on hardware status. Optional remote assistance is available via a secure connection.

Trend Micro InterScan™ Messaging Hosted Security integrates multi-tiered anti-spam and anti-phishing with award-winning anti-virus and anti-spyware. Flexible content filtering enforces compliance and prevents data leakage. This comprehensive hosted e-mail security blocks threats before they can touch the network, securing the network and saving bandwidth and storage. Organisations can choose the management level that best suits their security needs with either streamlined administration or granular access and control. Both are managed through a single Web-based console for easy administration of e-mail This cost-effective hosted security solution features high availability, reliability and scalability that is optimised to block standalone, blended-threat and customer specific e-mail attacks.

All MIMEsweeper™ E-mail solutions use antispam technology to maximise spam detection and minimise false positives. Current detection rates are in excess of 99.9%, and consistently exceed 99.5% detection of all spam traffic through honeypots over the past six months.

TRUSTmanager™ - the sender reputation service that offers four reputation bands for e-mail messages: Good (whitelist), Neutral, Suspicious (greylist) and Bad reducing spam by 70%+.

SpamLogic™ - the anti-spam engine using Bayesian, Signature, MailFilter, SURBL plus other engines to detect/handle normal and image spam.

ThreatLab™ LIVE - automatically issues autoupdating threat mitigation patches well in advance of other defense updates.

Kaspersky Anti-Spam helps mail system users eliminate unwanted mail. It employs intelligent spam detection technology, which was developed using the company’s extensive experience in protecting large-scale mail systems.

Protection from spam

• Filtration based on DNSBL lists (DNS-based Blackhole Lists)
• SPF and SURBL filtration technologies
• Analysis of formal attributes
• Signature-based analysis of messages
• Scanning of messages using linguistic heuristics
• Detection of graphic spam
• Real-time UDS (Urgent Detection System) requests.

Administration

• Management via web interface
• Filtration rules for user groups
• Processing options: delete, quarantine or mark as spam and deliver
• Automatic updating of signature databases
• Detailed reports.

Symantec Brightmail Antispam™ combines effective spam catching with a high accuracy rate that helps prevent false positives. Deployed at the e-mail gateway, this easy to manage solution defends against spam, e-mail fraud, viruses and other unwanted e-mail. With flexible spam management capabilities and automated filter updates, it meets enterprise security needs without imposing a significant administrative burden.

Symantec™ Mail Security 8300 Series appliance not only includes the Brightmail Antispam technology but also delivers world class antivirus, and IT compliance technologies to protect against today’s malicious threats to networks and data in one fully integrated security appliance.

McAfee offers comprehensive, accurate e-mail and web security solutions that protect your network and workforce from spam, phishing and other threats.

McAfee Secure Messaging Service
Block e-mail-borne attacks in their tracks, prevent spam, viruses and phishing scams.

McAfee Total Protection Service
A security-as-a-service solution that’s smart, simple and secure Streamline your security with our automated, all-in-one service that protects your systems continuously against emerging threats.

McAfee E-mail and Web Security Appliance
This convenient appliance protects you from spam, viruses and other exploits with a high degree of accuracy.