The state of spam: An interview with Jamie de Guerre, Part 1

Spam is a major operational problem for all professionals because of its waste of bandwidth; it is a significant nuisance even for non-professionals, contributing to computer-based crime and increasing doubts about e-commerce. I recently interviewed Cloudmark CTO Jamie de Guerre via e-mail and am pleased to convey our discussion in a two-part report.

How’s the spam? We hear estimates of anywhere from 75% to 90% of the total bandwidth of the Internet is being wasted by unsolicited commercial e-mail; what do the experts find?

Cloudmark provides spam filtering for the world’s largest e-mail providers including 11 of the top service providers in North America. Over 96% of all e-mail sent to these operators is spam today.

Are there regional variations in spam? That is, are different parts of the world receiving different amounts of spam and are there differences in the origination frequency by geography?

Yes, there are differences in both the amount of spam received and generated by different regions.

North America is definitely the leader in receiving spam. As I mentioned, over 96% of all e-mail received by large North American operators is spam. That number is quite a bit lower in Europe – only around 85% of all e-mail received by large European operators is spam. In Asia, the number is similar, around 80% of all e-mail received by major Asian operators is spam.

This graph shows the percentage of spam generated by several of the top sources of spam in the world, by country.

Has the legal situation improved any? Some years ago, I wrote a column with my favorite title of all time: “Can CAN-SPAM can spam?” Obviously, it hasn't. Are there any legal measures that you think would be of any use at all in fighting spam?

Yes, the legal situation has improved; however, the impact is negligible. Efforts by organizations to track down attackers have increased. There have also been some successful prosecutions. However, these actions have had a relatively small impact on the amount of spam and on the attackers. The rate of successful prosecutions has been slower than the growth of the attacking community by orders of magnitude.

The attacking community is now a sophisticated, mature market economy. The combination of widely available services from advanced researchers enabling anyone with malicious intent to join the attacking community has dramatically lowered the barrier of entry for a wide network of wannabe hackers to conduct sophisticated and malicious attacks. While the legal situation has improved, at this point, the outlook is grim for any hope of it having real impact.

The spammer community has grown rapidly over recent years. It has perfected the underground open-market system for trading of services, wares and cash. Today, the most advanced attackers are not actually committing fraud themselves - they’re now selling their services (e.g., botnet time shares, exploits, spyware) to a broader, lower-skilled open community of new attackers. The best hackers operate research and development departments with PhD-level computer scientists. Their attacks are creative, efficient and innovative. They have expanded their services by providing customer support, reporting services and multiple pricing options for services. Meanwhile, more novice attackers are eager to join the game and they are often even more malicious than their predecessors are and increasingly creative with their social engineering techniques for persuading consumers to pay attention to their spurious offers.

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services and teaching. He is Chief Technical Officer of Adaptive Cyber Security Instruments, Inc. and Associate Professor of Information Assurance in the School of Business and Management at Norwich University. Visit his Web site for white papers and course materials.