Google: smashing big botnets doesn’t reduce spam
Recent successes in crippling botnets have failed to reduce spam levels, according to Google.
Back in February, Microsoft announced that it had won court approval to disable the command and control servers behind the notorious Waledac botnet – effectively beheading it.
This followed similar action against the Mega-D botnet by security firm Fire Eye, and the Mariposa botnet, which was crippled by the Spanish police.
There’s no shortage of botnets out there for spammers to use. If one botnet goes offline, spammers simply buy, rent, or deploy another
However, despite this string of successes against some of the world’s largest botnets, Google said the effect on spam traffic was negligible, citing figures from its enterprise security company Postini.
“Overall, spam volume fell 12% from Q4 2009 to Q1 2010, which follows a trend of quarterly decreases in overall spam levels that started after the surge in Q2 09,” Google reported on its blog.
“This may be attributed to some of the recent takedowns, but spam volume was still 6% higher this quarter than it was during the same period in 2009, and spam volume as a percentage of total email messages is holding steady.
“This suggests that there’s no shortage of botnets out there for spammers to use. If one botnet goes offline, spammers simply buy, rent, or deploy another, making it difficult for the anti-spam community to make significant inroads in the fight against spam with individual botnet takedowns,” it said.
Ultimately, Google concludes that attacking botnets is no more effective than hitting rogue ISPs. The takedown of ISP 3FN crippled spam traffic for a month, but when Real Host was taken down a few months later spam volumes bounced back after only two days.
“Cybercriminal activities is a million dollar business,” said Phil Lin, marketing director of Fire Eye. “If you take one tactic to disable their command and control servers they’ll find another way to do all this.
“It’s a little bit like the drug trade. You can stunt its growth, but there’ll always be very intelligent, professionals who did computer science who discover that ‘hey, this money really is too easy to make’”.