Botnet takedowns reduce spam by 90%, but more action needed

July 6, 2011
Cyber Security, FedCyber Wire

via Extreme Tech

According to a report just published by Symantec, the global volume of spam has dropped by as much as 90% over the past year – from as many as 225 billion messages per day to as few as 25 billion. While part of the drop-off has to do with a shift in focus from spam to other avenues like viral link scams and fake AV, hard work by the forces of good has played a major role.

The most dramatic change, of course, was the successful takedown of the Rustock botnet by Microsoft and friends in March of 2011. Beginning with its command and control servers, they systematically disassembled the entire operation and its massive zombie network – which numbered upwards of 2 million PCs capable of sending 30 billion emails per day – one piece at a time. It was a monumental victory in the fight against spam, since Rustock was capable of sending more than three times as much email as Cutwail, the second most prodigious network. Rustock was just one of several recent successes, too; the Mega-D botnet, for example, was coldcocked by a swift, coordinated attack on its servers led by the security firm FireEye at the end of 2009.

The fight against spam is about more than just freeing up bandwidth and keeping junk out of our inboxes, though: It’s about making sure that crime doesn’t pay. That’s why the long arm of the law has become increasingly involved, and you only need to look back to June of 2011 for a few prime examples. The FBI was involved in two operations that led to multiple arrests of individuals involved in million-dollar scareware rings, and Microsoft filed charges against alleged Rustock administrators.

While that’s welcome news, there’s still one very weak link in the chain. Security expert Brian Krebs feels that it’s the financial mechanisms sustaining the remaining cybercrime networks that need to be addressed. With law enforcement and cybersecurity firms already working together and producing solid results, legitimate banks and payment processors need to take a closer look at suspending payments destined for those profiting from spam and malware. Based on Krebs’ post, simply cutting off the flow of payments to a very small group of unscrupulous payment processors could have a massive impact.
