Marshal8e6, a global provider of web and email security products, today released its TRACE Labs report for the second half of 2008 which finds that while global spam volumes continued to increase, Internet Security Providers and law enforcement efforts demonstrated that significant disruption to spam volumes can be achieved by going after the perpetrators. Specifically, the Marshal8e6 Spam Volume Index or SVI, which tracks the volume of spam received by a representative bundle of worldwide domains, showed that spam volumes rose strongly in 2008 with global spam volume exceeding 150 billion messages per day at its peak. Then, on November 11, a Web Hosting Provider named McColo, which was hosting the servers that controlled several major botnets - networks of computers set up to forward spam or viruses to other computers - was disconnected from the Internet. Spam literally dropped by over 50% overnight as these botnets became effectively disabled. Spam volumes in mid-November were at the lowest levels seen since mid-2007. Volumes increased again in December as some botnets came back on stream and others gained extra business.
The Marshal8e6 report can be downloaded at
http://www.marshal.com/newsimages/trace/Marshal8e6_TRACE_Report_Jan2009.pdf
"2008 marked a turning point in the war against spam," noted Bradley Anstis, director of technical strategy for Marshal8e6. "By working together, Internet security and law enforcement professionals in different countries proved that when you go after the sources of the global spam scourge, spam can be beaten. With our growing dependence on email and digital communications, we have to continue to shift our strategy from simply blocking bad messages to attacking and stopping the sources of that malware."
Marshal8e6's comprehensive TRACE ("Threat Research and Content Engineering") Labs report, based on analysis compiled by security analysts in spam, phishing, Web exploits and malware, finds that spam remains a huge problem for enterprises. Not only does spam consume valuable network resources, it remains a popular conduit for the distribution of malware, phishing and scams. At its peak, the TRACE Labs report estimates that global spam volume exceeded 150 billion messages per day in 2008. Organisations typically report that spam represents anywhere from 75-95% of their inbound email. The Marshal8e6 report also identifies the three key botnets responsible for 75% of spam as of the end of 2008. The report points out that the McColo shutdown disrupted three major botnets, Srizbi, Rustock and Mega-D. Srizbi, which was the most active at the time, has effectively remained inoperative ever since. Although spam volumes have started to recover, they remain at a level slightly more than half of what they were prior to November.
In defending against spam, the TRACE report points out that security software products and appliances remain critical since spam attacks continue and are increasingly malicious; however, spam filtering as a whole must be supported by vigilant efforts to expose perpetrators of spam, particularly the botnets which are at the root of the vast majority of spam and malware distribution.
"In 2008, with the help of TRACE research, some of the major electronic perpetrators of spam emerged from the dark and the anti-spam community took action," added Anstis. "In 2009, the key to winning the battle for your in-box is clear: we need to stop the guns, not just the bullets."
Share