I wanted to take a few minutes and post a follow up to my blog the other day about an article written by Lance Winslow that was originally written in 2005 and reposted here by ezinearticles.com with the date of December 31, 2008 making it appear as if the content was written recently by Lance. 

Businesses do have a lot of choices when making decisions about protecting their network infrastructures.  They can choose to do it in-house using a number of open source solutions or commercial desktop software.  They can also purchase a network based appliance which also typically has to be maintained in-house or businesses can look to in-the-cloud solutions using a Managed Service like MX Logic (I'll reiterate my partiality to Managed Services :) ).  No matter which type of solution you prefer for your organization, most all are effective at stopping spam.  Some of the bigger questions that must be answered by any company when making these decisions is how much control they want to have, how much risk they deem to be acceptable in the event of a large outbreak from a bandwidth perspective and what they want their internal resource allocation to be to managing these solutions. 

Overall, spam rates are still down about 45% from their most recent peak in August to now as a result of the McColo shutdown.  Despite the movement to the web as a primary malware delivery vehicle and with occasional peaks and valleys in mail flow over short periods of time, spam volumes historically continue to increase and will continue to do so.  The biggest reason for these historical increases are improved attack precision (i.e. more targeted attacks and less en masse spam campaigns) and refined social engineering which dupe users into opening attachments and visiting web sites that enlist their PC into botnets. 

I do agree with Lance's point with respect to the efforts already put forth by the FTC as being largely fruitless.  There have been few arrests since CAN-SPAM went into effect 5 years ago.  At the end of the day, spammers are criminals and should be arrested, but cooperation is needed by many others outside of law enforcement like the upstream bandwidth providers and domain registrars if we are really to make a dent in the spam problem.

At the end of the day whether spam volumes are up or down, cyber crime is both a criminal as well as a social problem.  I think the criminal part is pretty self-explanatory, but the what drives people to cyber crime?  Money.  Lots of it.  WIth the relatively few arrests that have been made in comparison to the number of spammers trying to fill our inboxes on an everyday basis, cyber crime is considered to be a low risk, high reward venture.  Considering the difficult economic times we are now in the middle of where companies are tightening their belts as much as possible and unemployment is rising on a daily basis it would not be surprising if you see more people getting involved in cyber crime activities. 

So, to come back to my original point before going on a bit of a tangent: Is an article written back in 2005 about spam volumes, tactics, and defenses entirely relevant today?  I would say both yes and no.  Although tactics have evolved and businesses are feeling more and more pressure every day to find ways to keep their mail servers online and prevent confidential data from leaking out of their networks, there are a lot of options available.  Businesses need to evaluate which type of solution provides them with the options and features that best suit their business and compliance needs.