Trend

Spam attack

Spam has become a major issue on account of its propensity to consume Internet resources and pose a threat to security, says Malabika Sarkar

Spammers are sophisticated when it comes to tactics and spam blocking is becoming more complicated. To handle the increasing volume and complexity that spam presents, e-mail administrators need perimeter protection that prioritizes their legitimate e-mail while starving spammers. In this scenario, enterprises need to consider which anti-spam product or vendor will be able to protect them not only today, but also tomorrow. Security threats are constantly changing. As network connectivity becomes more pervasive and bandwidth increases, the spread of worms and viruses can happen at a faster pace, further compounding the problem.

Besides unsolicited advertising and creating a nuisance, spam these days is predominantly a distribution method for malware.

Shantanu Ghosh, Vice President, Product Operations, Symantec India, said, “According to Symantec, one out of every 617 spam messages contains a malicious code or malware. From 2001 to 2008, spam volume grew from 8% of all e-mail volume to over 80% of all e-mails. In fact, many enterprise customers are finding that over 95% of their e-mail traffic is spam. Dealing with spam can severely hamper employee productivity as well as time and resources from IT departments.”

According to a report by Nucleus Research, users spend 16 seconds identifying and deleting each spam e-mail, at a cost of $712 per employee (Approx Rs. 32,000) in lost productivity. The spam problem has reached this extent.

Amit Nath, Country Manager-India & SAARC, Trend Micro, said, “The most effective solutions against spam combine a strong reputation system with a comprehensive filtering system that includes heuristics, statistical analysis, signature filters and multi-lingual detection. We must also note that newer varieties of spam and other malware attacks have become so rampant that the traditional batch-mode updates of signatures are unable to keep pace with them, leaving user systems vulnerable to the latest threats.”

Mahesh Gupta, Business Development Manager-Network Security, Cisco India & SAARC, said, “Achieving the goal requires a global systems-based view of network security, where every device connected to the network plays a role in securing the network from unwanted intrusions. Cisco’s Self-Defending Network strategy is Cisco’s vision for integrated network security. Organizations can use their existing investments in routing, switching, wireless and security platforms to deploy a self-defending network that will help them identify, prevent, and adapt to both known and unknown security threats.” 

Organizational challenges

Many worms or viruses still spread through users accessing malicious Web sites, downloading untrustworthy material, or opening malicious e-mail attachments. These attacks, while unintentional, still result in significant financial and productivity losses to organizations.

On this Gupta averred, “In the past, many businesses thought they had to make a choice when it came to security. They could use best-of-breed products that were effective against specific types of emerging threats but did not fully integrate into a pervasive defense system. Alternatively, they could take a systems approach that assimilated point products that were “good enough” into an intelligent system architecture. For modern businesses, however, neither option is enough.” He added that to meet today’s security challenges; businesses need both best-of-breed product capabilities and the ability to plan, design, integrate, and operate those capabilities as an overarching, autonomous system.

In addition, the security culture within an organization and education to employees and users on the value of adhering to security policies and processes are equally important aspects of managing risk. Senior management should set examples of giving security as top priority in their communication and messaging and should follow the policies with strict compliance. To avoid disruptions caused by security threats, organizations must adopt end-to-end security solution.

Emerging trends

Neenu Kumar, Sr Research Analyst, Frost & Sullivan, South Asia & Middle East, said, “Today threats are furtive and concealed. A surge in the adoption of Web applications and social networking sites has increased malware risk for companies. The threats are becoming bigger, smarter, wicked and more destructive. The criminals are interested in Identity theft (Social Security numbers, ATM pins, credit card numbers, bank account info, passwords) that can be used to financial gain.”

Spam levels averaged 76.4% of all messages in October 2008. Today’s threats are in the form of multi-vector attacks, which operate across e-mail and the Internet to get past traditional security tools. E-mail and Web-based attacks like phishing and spyware are costing business and consumers loss in productivity and system downtime, financial losses, as well as and brand damage.

As security companies and the Internet community pay more attention to the reputation of Web sites and e-mail senders, spammers are doing their best to hide behind well-established and reputable brands. The shift in spam messages from EMEA (Europe, Middle-East and Africa) is observed as more end users are getting broadband access. Spammers are constantly trying out new spam techniques and targeting other mediums besides e-mail such as social networks, blogs, and other social mediums.

Proactive strategy

Enterprise content security is rapidly changing. Today’s content security threat landscape has evolved into a more dangerous environment, increasing the risks and costs for enterprises.

Terence Gomes, National Manager-Mid Market Segment India, McAfee, said, "Cybercriminals are taking advantage of business' dependence on e-mail and the Web to attack and steal information and resources. 80% of the attacks today are financially motivated vs. 50% two years ago. Enterprises today need a solution that identifies risks almost real-time and enables better protection. Cybercriminals are after valuable data, consumer credit card details, business data etc. Even if the bad guys can't steal it consumers, businesses or governments might accidentally expose confidential business information or lose it. So, organizations need an integrated security solution that provides protection from email threats, web threats and also help in data loss prevention besides the traditional endpoint protection." He further said, "The organizations that understand this changing threat environment and take proactive measures to protect themselves against it with integrated security solutions will benefit from the value they gain as they mature along a security infrastructure model. The additional security spends will no longer be in a 1:1 ratio, but will drop as integration between security solutions and processes are implemented. McAfee customers who have deployed integrated security solutions across their IT infrastructure saw 44% reduction in IT costs and 36% efficiency improvement with the help of McAfee ePolicy Orchestrator which helps them deploy, manage and monitor these solutions from a single console."

“Organizations need to have a comprehensive threat improvement strategy that combines infrastructure and information protection. The security solutions, which are capable of detecting threats transmitted through both inbound and outbound network traffic takes corrective action in mitigating the same. As a new trend there are solutions, which can detect behavior-based attacks and take corrective action,” commented Ruggero Contu-Principal Research Analyst, Gartner.

Spam is a problem that plagues every organization from the biggest of enterprises to the smallest of businesses. IT & ITES, telecom, banking and the retail sector are all affected to a great degree. However, it is purely dependent on the level of awareness with respect to the rising number of threats and on how proactive an organization is with respect to security issues.

malabika.sarkar@expressindia.com