For a time it looked as if a decisive blow had been struck in the war against spam.
In November the number of unwanted, offensive, and misleading emails sent across the globe plummeted by approximately two-thirds, thanks to the efforts of a group of security researchers. Pressure by the group had led to the shutdown of a little-known Silicon Valley Internet hosting company called McColo, which allegedly aided the distribution of about half of all Internet spam globally.
Unfortunately, the victory proved short-lived.
According to Symantec’s latest State of Spam report
, spammers aren’t giving up without a fight. In fact, recent spam volumes indicate that spam has steadily crept back up to 80% of pre-McColo shutdown levels. Since mid-November, spammers have steadily brought old botnets online or created new ones. (Bots are programs that are covertly installed on a user’s machine by an unauthorized user. A large number of such compromised machines is called a botnet, which can then be used to launch coordinated attacks.)
For small and midsize businesses, these recent events underscore the need to stay vigilant and informed about today’s evolving threat landscape. This article looks at some of the increasingly complex threats to SMBs’ endpoint and messaging environment. It then shows how security suites enable SMBs to control costs and manage risk.
By any yardstick, the challenges that organizations face with regard to their sensitive data are more serious today than at any other time. Consider:
- More systems, applications, and data are being managed today than ever before.
- Budgets continue to decrease, while the need for essential IT services increases.
- More device types are spread across the company – laptops, desktops, servers, mobile devices.
- The threat landscape continues to evolve, with massive increases in “malware” and spam.
- More people have access to sensitive company data.
One of the more challenging developments for businesses of all sizes is the meteoric rise of spam. After all, just a few years ago spam was considered merely an annoyance that clogged email inboxes and distracted users. Today, spam is increasingly linked with phishing and malicious code, offering spammers an efficient defrauding mechanism with a low barrier of entry and a high return on investment.
According to Symantec’s Report on the Underground Economy
, spam and phishing-related information are the third most advertised category of goods and services for sale on the underground economy and the second most requested items. Spam and phishing-related information includes email addresses, email account passwords, scams, and mailers.
Small wonder, then, that Symantec’s Global Intelligence Network has documented an increase in spam volumes from 8% in 2001 to 80% of all email volume in 2008.
As Doug Bowers, Senior Director of Antispam Engineering at Symantec, has observed: “Many businesses are finding that more than 95% of their email traffic is spam. Consequently, they are prioritizing best-of-breed security products that can deliver both effective and accurate antispam protection. The most effective solutions have been shown to catch more than 97% of spam, with less than one in a million false positives.” (A false positive is when a legitimate email is improperly categorized as spam.)
In order to create a protected endpoint and messaging environment that is secure against today’s complex data loss, malware, and spam threats, organizations are increasingly looking at comprehensive security suites that combine technologies across endpoint and messaging security technologies for laptops, desktops, mobile devices, and servers. At the same time, SMBs do not want to sacrifice best-of-breed technology at each node in their network. The necessity for effective and accurate antispam is just one example of this need.
As Symantec’s Bowers observed about spammers rallying in the aftermath of the McColo shutdown: “Organizations must remain aware of this pervasive business risk and act proactively to mitigate it. By leveraging a growing number of increasingly sophisticated antispam tools that prioritize and allow legitimate email while thwarting spam before it reaches servers, organizations can protect their messaging structures and help ensure business uptime and user productivity now and into the future.”
Symantec Multi-tier Protection
is a cost-effective, easy-to-use solution that safeguards business assets against today’s increasingly complex threats. It combines Symantec Endpoint Protection
(which integrates technologies such as antivirus, antispyware, firewall, intrusion prevention, and device and application control) with Symantec Brightmail
and Symantec Mail Security (which provide high-performance messaging security against viruses, spam, and other security risks while enforcing email content policies).
For small and midsize businesses, Symantec Multi-tier Protection provides:
- Complete protection. Symantec Multi-tier Protection protects against malware, spam, and spyware by identifying and addressing risks across different platforms. It also secures sensitive data with advanced content filtering and data loss prevention.
- Easy management. SMBs can quickly deploy the software with minimum disruption to their users. Routine management tasks are simplified, and learning curves are reduced with common management and user interfaces.
- Automated controls. Symantec Multi-tier Protection monitors and controls the flow of sensitive data via email, as well as onto and off endpoints. Real-time automated updates from the Symantec Global Intelligence Network deliver a view of the entire Internet threat landscape. Reporting provides detailed visibility into actions, events, and status.
In addition, by standardizing on a trusted vendor to manage more systems, SMBs leverage economies of scale in terms of both technology solutions and vendor management and support. This increases productivity and reduces operating expenses.
While the recent shutdown of systems hosted by McColo was a milestone in the war against spam, the shutdown was little more than a short-term obstacle for spammers.
As the threat landscape continues to evolve, small and midsize businesses need to stay vigilant and informed. By gaining a greater awareness of spam and other threats to their data, SMBs stand a greater chance of keeping their endpoints and messaging environment secure.