Private Sector Helps Thwart Major Source of Spam

Published February 1, 2009

Spam email volumes plunged by more than 40 percent virtually overnight late last year after Internet service providers (ISPs) around the world pulled the plug on a notorious Web hosting service. The victory, though short-lived, points to the market’s key role in battling spam.

Researchers at IronPort Systems Inc., a San Bruno, California-based maker of email security tools owned by tech giant Cisco, said the dramatic dip in email spam was due to ISPs blackballing a single firm—McColo Corp. The San Jose, California-based Web hosting company is accused by technology security experts and the Federal Trade Commission of hosting some of the world’s biggest spam and malware operations.

“For 2008, spam averaged nearly 200 billion messages a day,” said David Oro, a spokesman for IronPort. “In mid-November, that volume dropped by more than half because a webhost company named McColo was taken offline. They were a major source of spam.”

Empowering ‘Netizens’

By the last week of 2008, spam levels were back on the rise, but still below the levels recorded before McColo was taken down. That is a tribute to the ability of the private sector and law enforcement to work together, said Anthony Arrott, a special assistant to the chief technology officer of Trend Micro, a Cupertino, California-based anti-virus program vendor.

“Law enforcement is a tedious, painstaking task,” Arrott said. “Sometimes, like with the shutdown of McColo, the work pays off big-time. The interesting thing is how regular netizens—both private individuals and commercial enterprises—are willing to devote time and effort actively assisting law enforcement professionals in tracking down and shutting down cybercriminals.

“The McColo shutdown has turned out to be a big win for the good guys,” Arrott added. “It’s an example, at least for now, of using existing laws and aggressive enforcement to achieve significant success against cybercriminals. Vigilant enforcement along with continuous improvement of anti-spam technology probably contributes more to solving the problem than additional anti-spam laws would.

“There is no silver bullet that will stop future successful innovation by cybercriminals,” Arrott continued. “In a free and open society it is difficult to prevent some people from finding and exploiting ever-new ways to commit cybercrime. But aggressive enforcement, ever-improving security solutions, and widely practiced vigilance can keep pace with spammers.”

Taking the Fight Overseas

John Dunn, editor of the influential Techworld online magazine, said last year’s victory might be hard to sustain because if the heat gets too great for spammers in the United States, they’ll move their operations overseas.

“Hitting the ISPs that carry spam is an effective way to reduce spam in the short term,” Dunn said. “Longer term, spammers will likely move to countries where enforcement is poor. The good news is that, at the moment, most U.S. spammers don’t have the money to do that.”

That means the long-term answer isn’t necessarily to be found in government.

“The issue isn’t more anti-spam laws, although it is true that many countries are behind on this element of the fight,” Dunn said. “The United States accounts for, by far, the largest volume of spam, yet it has the strictest anti-spam laws in the world.

“Spam reaching the inbox can be reduced—and, indeed, already has been—by filtering programs,” Dunn said, adding that strict policing is needed to supplement anti-spam software.

Market Can Protect

Joe Stewart, director of malware research at SecureWorks, an Atlanta-based Web security firm, said much of the credit for spam-fighting successes goes to private security firms.

“It is the effort of researchers that had an impact,” Stewart said. “It was a problem that needed to be tackled. With McColo, we stopped it at the source. That is what the market can do.

“So to an extent, the market can protect customers, but they cannot reduce spam,” Stewart explained. “The market can stop spammers from reaching their destination, but it cannot have an impact on the global amount of spammers.

“This is not a technical problem. It is a human problem,” Stewart added. “There are people out there trying to make money, and they are always looking for new ways to infect computers. They just keep spamming and spamming. That is why we need stricter law enforcement, too.”

Tabassum Rahmani ([email protected]) writes from Dublin, California.