Allied action knocks out spam kingpin, but the war continues

A battle won in the spam war

01 Jan 09

The big news last month in the security and spam worlds was the shutdown of one of the world’s largest spamming networks. McColo Corp, a notorious web-hosting firm from California, was shut down after numerous reports of suspicious activity originating from its networks.
Shortly after McColo was effectively removed from the internet, email security firms around the world started reporting a dramatic reduction in spam and botnet activity. Numerous security researchers had been notifying McColo’s upstream providers about the activities being carried out from its network, primarily what are known as command and control (C&C) servers. These C&C servers command and control the vast networks of infected PCs on the internet, collectively known as botnets.
While the McColo shutdown has had an immediate impact on the amount of spam out on the internet right now, if it’s anything like the previous shutdowns we’ve seen, the spammers won’t be down for long.
We’ve seen at least two large providers taken down in recent months: the infamous Atrivo/Intercage incident and the demise of Esthost. Both of these providers were well known in the security industry as havens for cyber criminals.
Atrivo/Intercage’s networks in particular had been the source of a whole range of nefarious activities for years, including serving and hosting botnet infrastructure, spamming, malware hosting and illegal content. In the end the demise of these organisations was brought about, not by law enforcement officials, but through the hard work and tireless dedication of individuals in the network operations fields.
These individuals had been working for years to gather information on the activities of Atrivo/Intercage and Esthost, but decided to act themselves after years of inaction from the authorities. The end result was better than expected. McColo’s upstream providers de-peered from their networks, effectively removing McColo from the internet and rendering its servers unable to command and control the botnets. While I don’t think this situation is going to last, it does demonstrate the power the internet community at large can exert when one of their number goes rogue. Admittedly Atrivo/Intercage and McColo were able to operate for years with impunity, but I think this latest incident has set a precedent and providers hoping to carry on similar activities, at least in the US, will probably now think twice.
As I said, I don’t think this is going to last. These recent shutdowns haven’t actually solved the problem: unpatched, insecure PCs are still getting infected with Trojans and are still being turned into spam bots. There is still a demand for these kinds of networks from black marketers looking to flog their copy watches or Viagra pills. And with the holiday season upon us shortly, spammers know that people will be in the buying mood.
With the holiday season also comes the likelihood that IT personnel will be away, and the chances of spam getting past spam filters are higher.
Now is the time to be thinking about protecting your company’s email and site security, particularly if IT staff numbers will be down.
You can read more information on the McColo evidence and resulting takedown at:

http://hostexploit.com/downloads/Hostexploit Cyber Crime USA v 2.0 1108.pdf  
