Network Management


Spam Still Packs a Punch

The days of in-boxes flooded with spam messages on an assortment of sordid subjects are a faint memory to most email users, but what spam has lost in volume it’s gained in power.

More than two-thirds (69 percent) of some 200 IT decision makers in companies with five to 1,000 employees said a spam incident in the last year had severely disrupted their business operations — or halted them entirely — in a survey GFI Software released last week.

Those incidents can disrupt business in a number of ways, said GFI General Manager Sergio Galindo.

“Criminals are increasingly using spam to deliver malware payloads into the workplace with the intent of either causing disruption, holding PCs and servers for ransom, or even stealing valuable information that can be sold or used for fraud,” he explained.

“Infected machines mean unproductive computers and users limiting business activities — and as a result, losing money,” continued Galindo. “Stolen data can result in everything from fines to lost customer confidence.”

Even old-fashioned nuisance spam can tax productivity. For example, more than three-quarters of businesses (77.5 percent) rely on their employees as their last line of defense against spam, the survey showed. So workers are still expected to do some spam weeding.

Time Lost Forever

“Even the most innocuous single-line non-malicious solicitation is still another item that interrupts an employee’s train of thought, takes time for them to read, and time to process,” Kevin Epstein, vice president for advanced security and governance at Proofpoint, told TechNewsWorld.

“Time that workers spend weeding spam out of their in-box is lost forever,” observed Jaeson Schultz, a threat researcher with Cisco Systems.

Then there’s the old problem of false positives.

“Companies deploying antispam technology with a poor false positive rate also lose worker productivity in the form of time spent fishing legitimate mail out of the spam folder,” Schultz told TechNewsWorld.

Spam also consumes the time employees administering an organization’s system. They must spend time not only fighting malicious threats spawned from spam, but also maintaining the antispam apparatus needed to keep junk messages from reaching in-boxes.

They seem to be doing a good job at that, though. Forty percent of the survey respondents said spam volumes did not exceed 15 percent of the traffic on their networks. A third of the IT pros pegged spam volumes at 25 percent of their traffic, and 13 percent estimated half the traffic on their nets was spam.

From Nuisance to Menace

Spam can add to a business’ storage costs. More than a third (36 percent) of the IT decision makers in the GFI survey estimated that half the mail storage for their organizations was consumed by spam.

The survey reflects the changing face of spam in recent times.

“Five years ago, spam was an epidemic nuisance with some harm sprinkled in,” Patrick Peterson, founder and CEO of Agari, told TechNewsWorld.

“Today, we’ve licked the nuisance spam problem,” he said.

That’s part of the reason that overall spam volumes on the Internet are down.

“Sending a billion messages to get 10 million delivered for 100,000 clicks just doesn’t work anymore,” Peterson pointed out. “The spammers who remain are much more intelligent, much more sophisticated criminals who don’t play the volume game.”

Volumes also have been reduced by the takedown by law enforcement of giant botnets used to spew spam across the Net.

“We still have contemporary examples of botnets that send spam using the same old shotgun-blast approach, such as Kelihos,” explained Cisco’s Schultz. “However, it is much more common in 2014 to see spam sent to more targeted lists of recipients and not from botnets.”

One thing in the war on spam never seems to change, however.

“We are in a constant arms race,” Andrew Conway, a threat researcher with Cloudmark, told TechNewsWorld, ” where new techniques for spamming are matched with more sophisticated spam filters.”

Breach Diary

  • Oct. 6. 1E releases survey performed by VansonBourne showing 86 percent of global organizations ban personal PCs from work for security reasons.
  • Oct. 7. Brian Krebs reports server configuration error at MBIA, the largest bond insurer in the United States, has exposed information on countless customer accounts to public view. The error allowed Internet search engines to index the information on the server and for it to be accessed by a simple Web search.
  • Oct. 7. Proofpoint reports Russian-speaking cybercrime group running Qbot botnet network has “sniffed” conversations for 800,000 online banking transactions, including conversations that included account credentials. The attacks used administrator credentials purchased online to compromise a number of websites running WordPress and plant drive-by malware on them.
  • Oct. 9. Dairy Queen posts list of 395 of its stores involved in data breach that compromised customer payment card information from August to October. Company said outlets were attacked by Backoff malware that entered their systems through compromise of a third-party account.
  • Oct. 9. Thirteen-gigabyte database of photos stolen from Snapchat users posted to the Web by hackers who for years had been siphoning the images from a third-party app designed to save the pictures.
  • Oct. 10. Hartford Courant reports Travelers insurance is asking federal court to rule carrier need not pay legal expenses and losses resulting from data breach at the P.F. Chang restaurant chain. Travelers is arguing that commercial general liability policy Chang has with the carrier doesn’t cover loss or damage to electronic media and records.

Upcoming Security Events

  • Oct. 14-16. 2014 FS-ISAC Summit. Washington Marriott Wardman Park, 2660 Woodley Road NW, Washington, D.C. Registration: US$1,250-$1,750.
  • Oct. 14-17. Black Hat Europe 2014. Amsterdam RAI, Amsterdam, the Netherlands. Registration: before Aug. 30, 1,095 euros; before Oct. 10, 1,295 euros; before Oct. 18, 1,495 euros.
  • Oct. 16. SecureWorld Denver. The Cable Center, Denver. Registration: $695, two days; $545, one day.
  • Oct. 16. Privacy and Security: Teamwork Required to Tackle Incident Response. 2 p.m. ET. Webinar sponsored by ID Experts. Free with registration.
  • Oct. 17. B-Sides Raleigh. Raleighwood, Raleigh, North Carolina. Free.
  • Oct. 18. B-Sides Houston. HCC Alief campus, 2811 Hayes Rd., Houston, Texas. Free.
  • Oct. 19-20. B-Sides Washington D.C. Washington Marriott Metro Center, Washington, D.C. Free.
  • Oct. 19-27. SANS Network Security 2014. Caesar’s Palace, Las Vegas, Nevada. Courses: job-based, $3,145-$5,095; skill-based, $1,045-$3,950.
  • Oct. 29-30. Security Industry Association: Securing New Ground. Millennium Broadway Hotel, New York City. Registration: before Oct. 4, $1,095-$1,395; after Oct. 3, $1,495-$1,895.
  • Oct. 29-30. Dallas SecureWorld. Plano Centre, 2000 East Spring Parkway, Plano, Texas. Registration: $695, two days; $545, one day.
  • Nov. 5. Bay Area Secureworld. Santa Clara Convention Center, Santa Clara, California. Registration: $695, two days; $545, one day.
  • Nov. 5. FedCyber 2014 Annual Summit. Tyson’s Corner Marriot, 8028 Leesburg Pike, Tyson’s Corner, Virginia. Registration: free, government; $106.49, academics; $626.92, industry.
  • Nov. 6. B-Sides Iceland. Tjarnarb, Reykjavk, Iceland. Free.
  • Nov. 8. B-Sides Dallas-Fort Worth. University of Texas-Dallas (UTD), ECSS building, 800 West Campbell Rd, Richardson, Texas. Free.
  • Nov. 12-13. Seattle Secureworld. Meydenbauer Center, Seattle. Registration: $695, two days; $545, one day.
  • Nov. 15. B-Sides Jacksonville. The Sheraton Hotel, 10605 Deerwood Park Blvd., Jacksonville, Florida. Free.
  • Nov. 19. Stealing from Uncle Sam. 7:30 a.m.-1:30 p.m. ET. Newseum, Washington, D.C. Registration: government and press, free; before Nov. 19, $495; Nov. 19, $595.
  • Nov. 21-22. B-Sides Charleston. College of Charleston campus, Charleston, South Carolina. Free.
  • Nov. 22. B-Sides Vienna. Top Kino, Rahlgasse 1 (Ecke Theobaldgasse, 1060 Wien, Vienna, Austria. Free.
  • Dec. 2-4. Gartner Identity & Access Management Summit. Caesars Palace, Las Vegas, Nevada. Registration: before Oct. 4, $2,150; after Oct. 4, $2,450; public employees, $2,050.
  • Dec. 8-11. Black Hat Trainings. The Bolger Center, Potomac, Maryland. Course Registation: before Nov. 1, $2,500-$3,800; before Dec. 6, $2,700-$4,000; after Dec. 10, $3,800-$4,300.

John Mello is a freelance technology writer and contributor to Chief Security Officer magazine. You can connect with him on Google+.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by John P. Mello Jr.
More in Network Management

Technewsworld Channels