
How much of a drag is spam putting on the global broadband and messaging infrastructure, and where is it coming from? According to Symantec’s newly released 2009 MessageLabs Intelligence Report, spam is a huge burden: In September, the global ratio of spam in email traffic from new and previously unknown bad sources was 86.4 percent. And botnets — autonomous and automated collections of compromised computers — are responsible for 87.9 percent of it. Despite efforts to curtail botnet activity, it looks like the spam problem continues to grow.

More than 150 billion unsolicited email messages are being distributed by compromised computers every day, according to the report. Its findings are in line with data reported at the recent RSA conference on botnets, and warnings from Google and others about them. Indeed, botnets have emerged as the most significant enemies in the war on spam, and efforts to fight them only temporarily slow them down.

Paul Wood, senior intelligence analyst at Symantec’s MessageLabs division, points out that in the past year, several ISPs have been taken offline for hosting botnet activity. For example, after being identified by upstream service providers and security researchers for suspected botnet hosting, San Jose, Calif.-based McColo was taken offline in November of last year. PriceWert’s shutdown is another example.

Wood says that these closures have had some impact on botnets, but not enough. As he writes in the report, “[C]losures now have less of an impact on resulting activity as downtime now only lasts a few hours rather than weeks or months as before.” That’s because, by nature, botnets reach out to expanded points of distribution.

Tracking how ISP closures temporarily slow down botnets, and how new botnets suddenly become dominant, is like reading through a battle scene from “The Lord of the Rings.” As the MessageLabs report notes, “A newer botnet, Maazben, has experienced rapid growth since its infancy in late May mainly sending out casino-related spam while Rustock, one of the oldest and largest botnets, has doubled in size since June and established a predictable spamming pattern.” Grum and Bobax are some of the other unsavory names among botnets. Grum is especially active, responsible for over 23 percent of global spam, according to the report, a fact that illustrates the enormous pattern shift we’re seeing in exactly how spam drags down the communications infrastructure.

If you wonder why spam doesn’t make up nearly 90 percent of the email in your inbox, Matt Sergeant, Symantec’s senior anti-spam technologist, cleared that up in an interview. “Most people don’t really see the numbers that we see, because we’re the ones filtering it out,” he explained. “MessageLabs tracks over 3.7 billion SMTP connections per day,” he added, and its spam numbers are based on all incoming spam, before filtering. He also noted that while it’s important for users to remain vigilant about fighting spam, ISPs vary in how well they filter, so it’s worth checking with your ISP to see what kinds of protections are in place.

  1. Thank goodness they just happened to come out with their new product line:

    http://www.symantec.com/about/news/release/article.jsp?prid=20090909_01

    It’s pretty typical to come out with a new product and then launch a bunch of press releases with doom and gloom headlines that their product just happens to protect against. This is more a PR piece for Symantec than it is news for us.

    1. It’s true that the security vendors do produce some of the doom-and-gloom reports about spam, but the MessageLabs division has been doing monthly spam metrics for many years, and really does do them monthly–whether there is a new product release or not. Also, the numbers on botnets are in line with similar numbers recently reported from several sources at the RSA conference.

      Sebastian

      1. Entirely too reasonable and rational. :)

  2. I am stumble to see huge spam messages flooding. They are using enough of bandwidth with no reasons.

  3. [...] Botnets Tighten Their Grip on the Broadband Infrastructure (gigaom.com) Share and Enjoy: [...]

  4. [...] spew spam all around the globe — have become a scourge on the communications infrastructure. As we covered a few days ago, Message Labs, a division of Symantec that tracks over 3.7 billion SMTP connections [...]

  5. Botnets pose a serious threat to everyone, that’s for sure. But does anyone really try to solve it? I mean, don’t just measure the number of botnet computers. If Symantec can filter billions of spam every day, collecting the IPs of botnet computers should be easy. Make an effort to notify those victims, so that they can do something about it. That might boost the sale of their security products as well.

  6. [...] is that for many users, email is broken. Inboxes are flooded with useless information as botnets tighten their grip on the broadband infrastructure, alternative ways to send and view messages are proliferating, and it’s just difficult to [...]

  7. [...] was launching a new program called “Constant Guard” to combat botnets, which are a huge threat to networks of all kinds. A few months ago I had the opportunity to speak to Ed Amoroso, [...]

  8. [...] Links: Microsoft Exec Pay Cuts Feeddemon Version 3.0 Botnets our of Control! Scoble says Google Waves overhyped. Gigaom gives Google Wave thumbs up? 25 Million Pitch! Secret [...]

