The Price Of Success: Cloud & Social Network Advancements Spawn Innovative Spammers

MessageLabs (now part of Symantec) just released a fascinating trend analysis of the dark side of the internet. (Key findings below.)

It isn’t surprising that as new technology enables cloud computing, more employees want Facebook, and consumer favorites cross into enterprise, so come more problems — and we’re not talking the corporate version of the whale.

Spammers are getting better (worse?) at their trade — breaking CAPTCHAs, targeting cloud applications, and sneaking into social networks.

Expect to see further innovation on the security side from cloud providers facing pressure from enterprise IT departments. These advancements will have at least one benefit: corporate improvements will also trickle down to the everyday consumer apps. (Example: Google Apps Standard Edition, which I run as a backend, wouldn’t exist without the Premier Edition.)

Personally, I wish these spammers would get a life, or at least a lump of coal for Christmas.

Excerpted highlights (full report here):

  • Spam spike—2008 annual spam levels reached 81.2% and botnets were responsible for 90% of all spam. The notorious Storm botnet, which appeared on the threat landscape in early 2007 and peaked in mid-2008, all but disappeared by the end of the year, giving way to rival botnets like Srizbi and Cutwail. While 2007 was the year of attachment-based spam, 2008 was all about the CAPTCHA hacks and shorter, news-driven spam runs.

  • Law enforcement crackdown—Operations of a number of spammers and cyber-criminals were disrupted by law enforcement and community action during 2008, most notably when Srizbi and Mega-D, two major botnets, were severely impaired as two U.S. ISPs were disconnected by their upstream providers.

  • Web-based applications vulnerable—Spammers developed an affinity for spamming using large, free, reputable web-based email and application service providers, using techniques to break CAPTCHAs and generate massive numbers of personal accounts. The popularity of web-based and hosted applications, as well as these domain names being the unlikeliest to be blocked by IT departments, made web-based services the easiest to crack.

  • Targeted Trojans—Two distinct targeted attacks emerged during 2008. Emphasizing how threats of this kind have increased in popularity over the past few years, MessageLabs noted the number of targeted Trojans peaked at 78 per day in April 2008 compared to one to two per week in 2005, 1 to 2 per day in 2006 and 10 per day in early 2007.

  • Vulnerable social networks—Social networking sites came under greater attack during 2008. Phishing, spam and malware were all used to target social networking sites for harvesting personal information and enhancing social engineering tactics.

  • Financial market meltdown—Phishing underwent some notable transformations in 2008 as attacks from specialized botnets became more common. The credit crisis spurred spammers and fraudsters to take advantage of the situation. Targets for phishing attacks have widened to include recruitment agencies, online retailers and well-established financial institutions.