Spam volumes decline for first time in history of internet

20 Jan 2011

The year 2010 marked the first year of declining spam volume in the history of the internet, according to Cicso’s latest Cyber Crime study. However, cyber criminals are shifting their focus from Windows PCs to smartphones and tablet computers.

Last year saw an uptick in spam in developed economies, however, where broadband connections are spreading, including France, Germany and the UK. In the UK, for example, spam volume rose almost 99pc from 2009 to 2010.

Brazil, China and Turkey — all of which figured high on last year’s list of spammed nations — showed significantly lower volumes in 2010.

In particular, Turkey’s spam volume dropped 87pc. This reduction is due in part to the high-profile takedowns of botnets like Waledac and Pushdo/Cutwail, attributed largely to researcher Thorsten Holz and internet service providers restricting malicious email from broadband networks. In addition, authorities are taking the spam problem more seriously and are looking to take down egregious offenders.

While the drop in spam volumes is welcome news, cyber criminals and spammers are turning their attention away from Windows PCs in the direction of smartphones and tablet computers.

In part, this is due to PC platform and application vendors shoring up the security in their products and taking a more aggressive approach to patching vulnerabilities.

As a result, scammers are finding it harder to exploit platforms that were once their bread and butter — in particular, the Windows platform — and are looking elsewhere to make money. Just as important in driving this trend is the widespread adoption of mobile devices and applications. Third-party mobile applications in particular are emerging as a serious threat vector.

Scammers search for the low-hanging fruit

“Everyone knows the joke about the two hikers and the hungry bear in which the swifter hiker explains his footrace is not against the bear but the other hiker,” said Patrick Peterson, fellow, Cisco.

“The cyber criminal bears have been feasting on the ‘slowest hiker’ Windows platform for the last decade. But with increased security in the Windows operating system and applications, the bears are looking elsewhere to satisfy their hunger.

“Mobile and emerging operating systems are hikers that the bears have largely ignored until now, but they are beginning to look much more appealing.

“These bears are also finding opportunities in the explosion in mobile-device usage, where we’re seeing a growing number of exploits aimed specifically at mobile users,” Pearson said.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years