Gallery

Welcome to a spamless world?

Posted on 28 Jan 2009 at 16:05

This month, Davey Winder fantasises about killing spam, and pines for some security gadgets he probably won't get for Christmas.

Want to know why spam is such a problem? It isn't due to the inability of most end-user filtering software to do what it promises on the tin, nor even the ISP industry's inability to get its act together and squash the evil trade. Spam remains a problem thanks to two other deficiencies: the lack of legislative teeth among government agencies and of self-control among end users.

Let's deal with the users first, blithering link-clicking idiots that many of them are. Everyone seems to know at least one person who has actually bought something via a spammed advert, hardly surprising given that a recent survey reveals 29% admitting having done so (a similar survey a few years back showed only 20%, so the number is rising - fuelled no doubt by an influx of numpties on cheap broadband connections). What are they buying? No real surprises there: sexual performance-enhancing drugs, porn, fake watches and pirated software...

A couple of facts make this a big deal. First, sending spam is extremely cheap: a recent FBI report suggests around £6 per million messages at the expensive end of the market. Now consider that, according to the Marshal TRACE team, during the first half of 2008 the Srizbi spam botnet alone pumped spam at the rate of 7.8 billion messages per hour, and you can see the potential for profit involved. Second, a lot of people actually buy from these spammers. US researchers infiltrated a live spamming network, effectively hijacking part of the Storm botnet to monitor responses for a whole year, which allowed them to dissect the economy of spam as never before, and the results were truly shocking. To make a profit, a high-volume spam operation requires just a single buyer for every 12.5 million messages it sends out: the research team sent 350 million spams in 26 days, drawing traffic to a fake online pharmacy site, and it received a response rate of 28 sales, which was alone enough to generate a profit of £65 per day. Scale that up to the size of operation the people behind Storm were capable of and the profits run at around £4,400 a day.

That's why spam is such a problem, a powerful combination of greed at both ends of the supply chain, coupled to the ease with which criminal organisations can establish massive spamming operations thanks to the existence of captive botnets. There's no sign that shoppers who think they're getting a bargain will change their ways, nor of any legislative change to give the authorities more bite, but the media has emerged as an unlikely hero in the fight against spam.

Although it's actually premature to talk about the death of spam (caught your eye, though, didn't it?), recent events have certainly dealt the spammers a serious blow, so serious that, as I write, global spam traffic is still down to less than 50% of its usual volume. It all started when the previously mentioned Storm botnet - at one time thought to be responsible for around 20% of all the spam distributed around the world - dropped dead. In September 2008, the amount of spam flowing through the 1 million zombie PCs that make up the Storm botnet dwindled to a big fat zero, and the hero was, according to most industry experts I've spoken to, Microsoft.

Bill's boys had added Storm to the list of threats targeted by the Microsoft Malicious Software Removal Tool back in September 2007, and its effects were starting to be felt within a month - that's how long it took Microsoft to clean a quarter of a million computers. By the end of January 2008, Storm's 20% share of the total spam traffic had dropped to just 2%, and it has struggled to get above 1% ever since.