Home > Information Security Magazine > Features > Spam Blockers Losing Ground on Sophisticated Attackers
EMAIL THIS LICENSING & REPRINTS
Information Security Magazine

  CURRENT ISSUE  
  FEATURES  
  COLUMNS  
  HOT PICK & PRODUCT REVIEWS  
  ARCHIVES  
  SUBSCRIBE/RENEW  
  

Spam Blockers Losing Ground on Sophisticated Attackers
by Mike Rothman
Issue: Jun 2008
printer-friendly
licensing & reprints
< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   NEXT PAGE  >

COUNTERMEASURES
Of course, defenders are not standing idly by. As the attackers exploit new fronts with new techniques, security forces are moving swiftly to contest the breach:

  • Defense spending. The top-tier antispam vendors invest a lot of money in research to penetrate spam networks, discover bot operators and analyze messages. As the bad guys continue to innovate, this level of investment becomes a cost of doing business--vendors that can't keep up will see their spam catch drop precipitously.


  • Homing in. Vendors are supplementing reputation networks in the cloud with data gathered locally by specific customers, as well as cross-referencing with user feedback (the "report spam" button) to continue to track and flag servers that send spam. They are also combining email reputation data with other data sources, such as scanning attacks caught by firewalls and attacks detected by Web filters, to triangulate on the true intention of an IP address with increasing precision.


  • Who goes there? A lot of researchers hold to the hope that getting legitimate senders to digitally sign their email and publish SPF records to prove their authenticity will help detect spam. In practice, the bad guys have been at least as effective at getting their authentication credentials in place, undermining the system.


  • Sign in. Signatures of spam messages hearken back to the first generation of spam defense, but this technology is making a comeback as the vendors track hundreds, if not thousands of message characteristics that are increasingly hard for the spammers to fool.


  • Combined arms. Email-only solutions are becoming increasingly uncommon, as end users want to integrate multiple content security offerings into a combined gateway encompassing email, Web and other messaging applications. Integrated gateways combine reputation information, and also for allowing a user to build a common policy to govern the use of content, regardless of the protocol used to send it.


  • Better training. End users are the last line of defense; investing time to educate them will help eliminate a lot of the silly behavior spawning the worldwide epidemic of zombies. User education may be the only defense against whaling attacks that target senior executives with highly personalized solicitations.

THE FOREVER WAR?
Is there an end in sight? Not likely. As long as victims keep clicking on phishing message links, buying fraudulent products online and responding to solicitations, there will still be a significant return on investment for the bad guys, who will continue to send spam at an alarming rate.

"The format and way that messages are delivered will change," says Doug Bowers, senior director of anti-abuse engineering at Symantec, "but in one form or another, spam will continue to exist as long as there are enough people who respond to make it profitable."

< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   NEXT PAGE  >





TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts