Monday, May 22, 2006

Cyber Criminality defeats Internet Security or Thoughts on Combating Spam

Spam is one the greatest problems and challenges that the internet nowadays faces. What makes it so great is the inability of the internet security industry to provide with a reliable solution. A lot of different efforts have been made, different solutions have been presented, spam filters, anti-spam programs, security tips etc. In the end we have to admit that spammers are almost unbeatable. We just cannot stop spam.

But what are the obstacles, why cant we stop spam and what is that, which sustains spam in the first place?

The answers to these questions might even be the solution to the global problem of spam.

Recent denial of service attacks on the website of an anti-spam organization resulted in its closing down and withdrawing from the war against spam. This is another proof of the weakness of the anti-spam community and its lack of organization when confronted with the extremely well organised cyber-crime. Spammers managed to put an end to the anti-spam scheme Blue Frog and force Blue Security (anti-spam organisation) to give it up.

Spam is not only annoying, it is to most internet users a pure nightmare. Spam and spammers have caused the intense anger, hatred and contempt of the internet community. Spam also interferes with the stability of networks and the internet itself as it is being sent out massively to millions of emails. There is no doubt that spam is a great problem and that there is an equally great necessity for a solution. Known spammers that have been arrested have been sentenced to prison from 18 months to 9 years! Spam is a big deal and spam is illegal.

The sad thing is that governments and even individuals, do not realise the importance and the gravity of the spam problem. Nations do not seem to be co-operating to end the spam problem, laws are not being followed, the bottom line is that nobody cares.

I have sent abuse emails and more abuse emails. I know the ISPs and domain providers of a certain group of spammers and I know that they are simply ignoring the problem. If I had the financial possibility I would pursue them through the law, but that is not something a student and even a normal person can afford. This is another example where the law fails dramatically and injustice prevails.

According to this lecture I heard last night by Mikko Hypponen (F-Secure) Spam exists due to a very simple reason: there is a market for it. A market preconditions a group of consumers that actually make use of the services provided by spammers. People buy products from sites advertised through unsolicited emails. These people, naive or uninformed ones, might represent a very small percentage compared to the amount of emails sent out, but it seems big enough to sustain the spamming business.

The obvious solutions to the problem of spam would be two: firstly to inform the public and secondly to strengthen the anti-spam laws.

Informing the wider public and preventing it from buying from spammers would close up the spamming business. No demand means no offer, which results into the elimination of spam. Sounds very easy but is unfortunately not. There are far too many uneducated internet users compared to the ones who are security aware. Education should be an obligation of the state and there are numerous ways this could occur. For example one could launch anti-spam campaigns by making use of all the current marketing techniques to reach the targeted audience. We could fight spam by using its own weapon: advertising in a legal way though. The targeted audience is anyone who is not accustomed to the internet technology, especially older people who might even have developed a fear against technology. We could bombard people with anti-spam advertisements through television and any other popular medium, and slowly create an awareness for it that would decrease the success of spam a lot. And even if this does not succeed completely, we can reach future generations through educating children and teenagers at school into the basics of Information Technology, Internet and Internet security. Computer science is equally important to any other science but it is unfortunately in many countries not treated as such one. Technological unalphabetism is already a present problem which will magnify itself in the future that is bound to be dominated by technology. Technologically illiterate people will not be able to function properly in the society.

The second solution to the problem consists merely in improving the current system of justice and creating truly efficient anti-spam laws. The increase of the global security awareness, including internet and non-internet users, will automatically lead to a better application of the law. There has also got to be a better international communication and co-operation because cyber criminality is present in the internet which is accessible from any country. It is irrational to have different laws for different websites that reside in different countries since the internet is one. Maybe an international internet constitution would solve this problem. Had the project of Blue Security received government support against the spammers it might have had a chance of continuing its success.

Spam is a problem of the modern internet and our current technological and social era. It seems that we have reasons to visualize a near future entirely free from the troubles of spam. Whether other kinds of problems will arise by its elimination or not, that is not for me to predict.

3 comments:

Indeterminacy said...

I'm hoping a larger company will pick up where PLue Security had to leave off. Or maybe a new method of spamproof mailing will come about, as the current system is very insecure.

Unknown said...

Excellent post about cyber criminality

Unknown said...

Excellent post about cyber criminality
email spam protection