Initiative to Combat Malware

By Stephanie Jordan
in

Last week, three leading cybersecurity groups launched a new initiative to combat malware by establishing a "Chain of Trust" among all organizations and individuals that play a role in securing the Internet. Developed by the Anti-Spyware Coalition (ASC), National Cyber Security Alliance (NCSA) and StopBadware.org, the Chain of Trust Initiative will link together security vendors, researchers, government agencies, Internet companies, network providers, advocacy and education groups in a systemic effort to stem the rising tide of malware.

By applying many of the same approaches used to bring nuisance adware under control, the Chain of Trust Initiative aims to establish a united front against a threat that continues to grow exponentially. Kaspersky Labs recently reported that malware distributed through social networking sites is successful 10 times more often than scams distributed via email.

“Strong security in any one organization or sector is not enough to combat an agile, fast evolving threat like malware, which exploits security breakdowns between entities,” believes Ari Schwartz, ASC coordinator and vice president of the Center for Democracy & Technology (CDT). “We all need to work together to build a system that can withstand and repel the next generation of exploits.”

“Online safety and security is a shared responsibility that requires the involvement of governments, corporations, non-profit institutions and citizens,” adds Michael Kaiser, executive director of the NCSA. “The Chain of Trust Initiative will focus furthering the development of tools that provide better protections. However, we must also continue to ensure that all of us implement universal behaviors online that protect us against a multitude of threats.”

ASC, NSCA and StopBadware.org will lead the mapping effort and jointly develop ideas and initiatives to form stronger bonds between links on the chain. Leaders of the initiative have already begun reaching out to key players and identifying critical areas for collaboration. In the next six months, the Chain of Trust Initiative expects to produce a paper tracking the results of the mapping project and propose initial recommendations to strengthen the chain.

Encouraged by its success with adware, ASC hopes to achieve similar results with malware. It is an ambitious project to be sure. Symantec’s May 2009 MessageLabs Intelligence Report reveals a rise in spam levels of 5.1% over the previous month. The company estimates that spam levels are at 90.4% of all corporate email, and offer the following thoughts on what is behind the spike:

Spammers Work by U.S. Clocks—MessageLabs Intelligence research shows that spammers are predominantly active during the U.S. working day, and may be indicative of the fact that the most active spammers are either based in the U.S. or find the U.S. workforce the most likely targets. Spammers are finding this large target audience that’s online and more likely to respond as being very profitable for their nefarious activities.

Webmail and Links to Social Networks Pose a Big Threat—The U.S. workforce that is spending time on Webmail and on popular social networks are aiding this increase in spam. Active profiles on social networks are goldmines for spammers to lure unsuspecting users. All spammers use a subject line and a valid hyperlink to active profiles on one of a number of major social networking sites. These emails originate from legitimate addresses on some of the main Webmail providers making them harder to catch by regular anti-spam filters.

CAPTCHA-breaking Fever—Spammers are creating Webmail accounts and profiles on social networks in massive quantities using automated CAPTCHA-breaking tools. A new harder to crack CAPTCHA technology is on the horizon and spammers want to maximize their profits before this new breed of CAPTCHAs are let loose as a deterrent to spammers and phishers. Some major sites are already investigating alternatives to the traditional CAPTCHAs with swirling letters and numbers and are starting to use images and riddles instead.

Botnet Activity is the Main Culprit—Around 57.6% of spam was sent from known botnets around the world.

Additional information is available in the full report.

Published May 28, 2009