The New Information Agenda. Do You Have One? The lack of trusted information is a major concern for businesses worldwide. The information agenda is a comprehensive, enterprise-wide plan for creating, delivering, and exploiting trusted information. It allows CIOs to achieve short-term tactical and long-term strategic changes. »   The Outsourcing Decision for a Globally Integrated Enterprise: From Commodity Outsourcing to Value Creation The Outsourcing Decision for a Globally Integrated Enterprise Globalization and advances in technology have changed the way business gets done. Today, outsourcing helps make the globally integrated enterprise possible. And the decision-making process for outsourcing is changing — with CIOs playing a more strategic role. »   IBM CIO insights: Igniting Innovation By Fusing Business and IT The disconnect between business and IT leaders is nothing new. But in a highly competitive environment, where innovation is the key to success, this lack of integration can cause companies to stagnate, lose money, and miss valuable opportunities. CIOs need to take the lead in correcting this problem. This executive guide outlines the solutions and initiatives IT leaders need to implement to help bridge the gap. This executive guide offers the solutions and insights CIOs need to take the lead in building a more innovative, more successful company. »   How are Other CIOs Driving Growth? IBM interviewed over 175 CIOs to see how they're bringing together business and IT to drive growth and financial success. We found that organizations with high levels of integration have experienced a 9% return on investment, and a 6% return on assets. Want to learn what else they are doing? Read our Global CIO Leadership Survey. »

XML/RSS feeds EarthWeb IT Management news and headlines CIO Update headlines See more EarthWeb Network RSS feeds FREE Tech Newsletters Instant Messaging Planet HTML CIO Update CodeGuru Update Enterprise Networking Planet Practically Networked HTML Enterprise Storage Forum HTML Optically Networked HTML Intranet Journal Update Datamation IT Management Careers Datamation IT Management Update Developer.com Update Gamelan Java Update Goodies to Go Javascript Weekly HTML JARS Java Update OpenSource Update SysOpt Tech Notes Grid Computing Planet HTML E-Security Planet HTML Virtual Dr. Text

Related Articles •Porn Spam Causing Litigation Fears •Don't Patch and Pray

Special Reports • ITIL v3: Bridging the Gap Between IT and Business • Outsourcing’s Seven-Year Itch • The Productivity of Technology is in Jeopardy • Offshore Considerations for Infrastructure Management • Disaster Waiting to Happen • Friday’s Top 5 • Top 10 Money Savers for 2008 • Understanding the 10 Fundamentals of Any Business • 8 Great Training Tips from the Canadian Army • Enterprise Architecture and SOA: Two Tribes More Special Reports

IT Focus Tech Focus: Security Cybersecurity: Laws Only Go So Far Mozilla Firefox vs. Internet Explorer: Which is Safer? Is Your Blog Leaking Trade Secrets? The Las Vegas Counterfeiting Story: Is Your Privacy Worth More Than a Poker Chip? Stopping Spammers at The Point of Sale

Today on EarthWebNews.com • IBM Refreshes Lotus Quickr • Where's the Money in User-Generated Content? • SpringSource's Spring Cleaning for Java • Intel, Cray Seek a Payoff Far Down the Road • Tech Heavies Push for Datacenter Standards More EarthWebNews.com

Case Study: Logistics Firm Improves Solution with HP All-in-One Storage Solution. Growing rapidly, Langham needed a disaster-recovery solution to improve system uptime and support continued expansion.

Spammers Becoming More Brazen

By Allen Bernard

October 16, 2003: Spammers are using virus-like methods to avoid blacklisting and get their messages into as many email in-boxes as possible in the shortest amount of time.

Over the past six months MessageLabs' CTO, Mark Sunner, has noticed a disturbing trend: Spammers are using virus-like methods to send out more and more spam.

The recent round of Sobig attacks is a good example, he said. Not only did the Sobig.F virus have an amazingly effective email engine, it also left in its wake a string of back-door Trojans spammers could then use to hijack machines as launch pads for more spam.

Working with SpamHaus, a U.K.-based, real-time blacklist (RBL) provider that tracks open relays, or proxies, on the Internet, MessageLabs found a direct link between the number of viruses on the Internet, like Sobig and LoveGate, which both leave open proxies in their wake, and the amount of spam being generated by spammers, said Sunner.

"This is something we've been watching as a growing trend almost in tandem with the up-surgence in spam," he said. "Currently, over 66 percent of the spam we're intercepting is coming from machines that are infected with open proxies. So the majority of spam... is actually being generated by machines infected in this way."

Sunner contends this was probably the real purpose behind Sobig.F. But, because its email engine was so effective, it backfired and now its author(s) are laying low fearing arrest and jail time.

"That actually probably was not the effect the author was looking for because they were looking to compromise lots of machines and use them as launch pads for spam," said Sunner.

While not as convinced as Sunner that Sobig.F was written either by spammers or with their interest in mind, Charles Taite, CTO of Beginfinite, which markets Gwava e-security products for Novell Groupwise, agrees the two camps are borrowing from each other and using similar tactics.

"There's certainly good evidence that spammers are getting more brazen and they're using the technology that virus makers are using to open relays and spread more spam," he said. "It's a pretty safe assumption."

Untraceable Open Door to Internet

Where Taite sees real evidence of this is in the denial-of-service attacks being carried out against RBL service providers. RBLs scan the Internet looking for open proxies and compiles those IP addresses in a blacklist. Subscribers can then download the list in real-time and use it as a filter against which incoming email can be compared. If there is a match, the email is rejected.

Spammers hate these services because it forces them to continually change IP addresses. The best way to do this? Either use your own scanning software to locate open proxies, or, even better, send out a virus that opens them for you. The user never knows his or her machine is being used to send spam and, until the IP address is found and blacklisted, the spammer has an untraceable open door onto the Internet, said Taite.

Symantec's Sharon Rukman, senior director for Security Response, hasn't necessarily found a direct link between virus writer and spammers, especially when it comes to Sobig.E and .F, but agrees with Taite there are overlapping techniques being employed by both camps.

"(Sobig.E) was opening up proxy server channels and with that, if somebody knows that somebody's machine is infected, they could get in and use that machine to send out spam," she said. "The question that we have not been able to verify is did Sobig happen because spammers chose to put it in? Or, was Sobig available and then spammers realized they could use it and went ahead and sent out spam?"

Either way, the result is the same: more spam. Over the past six months, spam has increased dramatically and, in the same time frame, the nature of viruses has changed as well, said Sunner. Less destructive payloads but more pervasive and faster moving seems to be the effect writers are going for these days, he said.

"The main trend that we can really put our fingers on is what we've seen with the most recent viruses," said Sunner. "Viruses like Sobig don't have a malicious payload. (But) [w]ith the amount of machines that were compromised, that gives you an absolutely vast spamming array."

And with that array spammers can generate large sums of cash, which may explain why all of this is happening in the first place, he said. Writing viruses used to be about notoriety or the challenge, but, with amount of money to be made from the unsuspecting, those motives seem to be changing.

"With spam there's money in this, which is basically appealing to a completely different type of individual," he said. "There really is, in some cases, a vast commercial gain to be had so it's a great way to exploit the massive emailing powers you can generate by using virus-type technology."

Tools:

Add www.cioupddate.com to your favorites Add www.cioupddate.com to your browser search box IE 7 | Firefox 2.0 | Firefox 1.5.x Receive news via our XML/RSS feed

• Return to Technology Trends Index
• Return to www.cioupdate.com Homepage