A massive increase in spam originating from China and the Far East could mark the beginning of a worrying trend that will create more problems for organisations already struggling to cope with unwanted emails.
The rise could potentially outweigh any lasting gains from more sophisticated detection and enforcement efforts in the US and Europe which recently saw a reduction of spam following the shutdown of McColo, the California-based internet service provider, last November.
Latest figures from UK security specialist iCritical show that mail from Chinese IP addresses rejected by the companys servers before reaching client accounts more than doubled from 10.4 million in November 2008 to 22.9 million in December. In the same period, mail from Vietnam rose 62% from 2.9 million to 4.7 million and from South Korea nearly 26% from 6.2 million to 7.8 million.
Illegitimate mail originating in the other five highest spam-producing countries US, UK, Russia, Brazil and Turkey all fell significantly in the fourth quarter of 2008. According to iCritical, total spam levels from all eight countries fell from a height of 137.5 million in October to 72.3 million in December, suggesting that the closure of McColo and the prolific botnets it hosted has had a greater effect than some had predicted.
After the shutdown, there were successive monthly falls in US spam from 47.3 million in October to 19.7 million in November and 13.8 million in December. However unrelated, the increase from China means it has overtaken the US for the time being at least as the number one country for botnets and other fraudulent email activity.
Andy Calvert, iCriticals Technical Director, remains cautious: These figures show how concerted law-enforcement strategies at a national level can have a dramatic positive impact, but they also highlight how difficult it is for them to have a lasting effect globally as spam transcends national boundaries.
The Far East is promoting itself to the West as a low-cost option for outsourced IT services but it has not yet adopted the same level of sophistication in web and mail security as the US and Europe. At the same time, millions of new users in Asia are accessing the internet largely unaware that their PCs can be easily targeted and compromised. This is creating a huge network of mini-host systems for spammers keen to exploit soft targets.
Whilst we expect total spam to increase in the first half of 2009, it will be interesting to see for how long China remains top of the bots and when US spam returns to its pre-McColo closure levels. Public and private sector organisations should continue to invest in the most up-to-date solutions to manage their mail function effectively and avoid becoming a victim of spam themselves, whichever country it comes from, he added.
iCritical will be releasing further mail statistics every quarter. The next report covering January to March 2009 will be available in early April.