Filters have gotten so effective at keeping junk e-mail away from users that there's little public outcry against spam today. But behind the scenes, the problem is worse than ever--and it could mask a serious, real-world threat.
If billions of spam messages travel throughout the Internet every day, but consumers see just a few of them in their inboxes, do they really exist?
Unsolicited bulk e-mail, otherwise known as spam, accounted for about 80 percent of all the e-mail traffic on the Internet during the first three months of 2006. This was the conclusion reached by the international Messaging Anti-Abuse Working Group, whose members include AOL, Bell Canada, Cingular Wireless, EarthLink, France Telecom, Microsoft, Verizon, and Yahoo. Together, these organizations account for about 390 million mailboxes.
And they should know. Microsoft and AOL combined block nearly 5 billion pieces of spam every day. Nearly nine out of every ten e-mail messages at Microsoft's MSN Hotmail are spam. The company says 95 percent of them never reach their intended targets and thus, spam is contained.
"In some ways it's a good news, bad news situation," says Michael Geist, the Canada Research Chair in Internet and E-commerce Law at the University of Ottawa, Faculty of Law. "The good news is the filtering systems have become better and better in corporate environments and at Internet service providers. The level of spam users have received has decreased. The bad news is the amount of overall spam hasn't decreased at all. It may be increasing."
"The use of zombies as a tool in tandem with a real-world terrorist attack will happen, I have no doubt." Neil Schwartzman, CAUCE Canada
And it's getting increasingly pernicious. Messages that once pitched herbal remedies or guarantees to enlarge certain body parts now arrive ready to infect computers with viruses, spyware, or keylogging software. Once they round up enough contaminated PCs, spammers potentially can control networks of zombie bots they can use to send even more tainted e-mail or to command distributed denial of service attacks.
"The vicious content in the e-mail stream right now is beyond belief," says Neil Schwartzman, chairman of the Coalition Against Unsolicited Commercial Email (CAUCE) in Canada. "We're not talking about the old scams we saw from a few years ago. It's a lot nastier."
Schwartzman foresees a time when zombies are employed for purposes far more devastating than sending junk e-mail. "The use of zombies as a tool in tandem with a real-world terrorist attack will happen, I have no doubt. It's obviously a scary proposition. To compound a real-world attack, it could be effective."
For example, zombies could be used to call 911 simultaneously and overwhelm the emergency response capability of a particular municipality. In a similar scenario, Christopher Maxwell, 20, of Vacaville, California, pleaded guilty in May to shutting down computers, physicians' pagers, and operating room doors in the intensive care unit at Northwest Hospital and Medical Center in Seattle by means of a botnet attack.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.