Security threats Toolkit

Asia: Public enemy number one for spam

Tags:
Anti-spam

Tom Espiner ZDNet.co.uk

Published: 20 Apr 2006 17:55 BST

More spam is now relayed from Asia than any other continent according to the latest research from IT security company Sophos.

Asia accounts for 42.8 percent of the spam received by Sophos' global spam monitoring network with North America in second place with 25.6 percent, the company claimed on Thursday.

Two years ago North America was responsible for over half of the world's spam. Now North and South America combined don't come close to Asia's percentage, said Graham Cluley, Sophos' senior technology consultant.

Cluley added that Europe is also becoming a major relayer of spam and now transmits almost as much as North America, at 25 percent. "I won't be surprised if Europe overtakes North America next month," he added.

On a country-by-country basis, the US still relays most spam, at 23.1 percent. China and Hong Kong come second with 21.9 percent of global spam, while South Korea is third at 9.8 percent.

China has many computers running older versions of Windows, which contributes to the levels of spam, as machines running older versions of the OS are more easily exploited by spammers.

South Korea is a particularly tempting target for spammers due to its advanced technology infrastructure and the economic rewards of setting up networks of zombie computers, or botnets, said Sophos.

"South Korea has a fantastic Internet structure with immensely fast connections, and so it is a goldmine for spammers wanting to create botnets," said Cluley.

A ZDNet UK research report released this week revealed that despite advances made in security technology, there has been little or no reduction in the time IT professionals are spending trying to protect their business systems from issues such as spam and viruses.

"The top ten viruses in the past ten months are really old, which suggests the human race isn't winning the war against viruses and spam," said Cluley. "Some people just simply aren't bothered, and they are the ones bombarding the rest of us."

However Cluley admitted that Microsoft has made some big differences with XP Service Pack 2, which has made it harder for hackers to break into Windows systems because a rudimentary firewall and automatic updates are enabled by default.

Antivirus company McAfee agreed that antivirus vendors and cybercriminals were locked into a stalemate situation.

"It's almost like a game of chess," said Greg Day, security analyst at McAfee. "Spammers try to put our customers in check. We put pieces on the board to block them, then they make their next move," Day added.

Both McAfee and Sophos agreed that spam was unlikely to disappear, and called for Internet Service Providers (ISPs), businesses and home users to run anti-spam software. ISPs have traditionally been reluctant to block any kind of content, although most of the major players now have some form of antivirus protection for their customers.

"It's an issue we've been working on," said Day. "Every person has to protect their own space, but there's a lot of common sense in moving a security level up into the cloud," Day added.

McAfee and Sophos also applauded recent arrests of spammers, but said that more needed to be done in terms of international law enforcement cooperation.

"When the prosecutions hit the streets, there was a visible downtrend in spam — but these aren't global laws. It's a step in the right direction, but there's definitely scope to work on this," said Day.