Top 10 Spam Stories of 2008

Well, it’s a yearly tradition in the western hemisphere that at the end of the year, we compose a top 10 list of the 10 most <insert description here>.  So, I thought that I would create my own list of the top 10 spam stories of 2008.  Now, not all of these will be universally…


More on whether cybersecurity should be managed from the White House

Continuing on from my previous post, should there be a central government authority that oversees cybersecurity? The article which I originally cited earlier continues: As everyone now seems to agree, that means effective cybersecurity requires bringing together a dizzying number of players, from the IT heads of government agencies and major private firms to software…


Should cybersecurity be managed from the White House?

A couple of weeks ago, an article appeared on asking the question "Should cybersecurity be managed from the White House?" During the recent presidential elections in the United States and the federal elections in Canada, the two major players in both parties had differing views that crossed borders.  In the US, the McCain campaign…


Merry Christmas!

I had my birthday a couple of weeks ago and one of the things I did was perform one of my favorite card tricks for some friends.  As a Christmas gift to my readers (now how many bloggers do that?), I thought I would share it with all of you.  Enjoy!


Cyberwarfare 101: Case Study of a Textbook Attack, part 2

This post continues on from my previous post on the cyberattack on Estonia in 2007. During the first wave of the assault, network security specialists attempted to erect barriers and firewalls to protect primary targets. As the attacks increased in frequency and force, these barriers began to crumble. Seeking reinforcements, Hillar Aarelaid, chief security officer…


Cyberwarfare 101: Case Study of a Textbook Attack, part 1

This is part of a series on cybersecurity originally published by Stratfor on April 18, 2008. Summary One of the most mature instances of a cyberwarfare attack was an assault on Internet networks in Estonia in late April and early May of 2007. The Russian government was suspected of participating in — if not instigating…


Blame Canada

Last week, the CBC released an article claiming that Canada is the world’s worst spam source.  Some excerpts from the article: Canadian computers — many of them unwittingly — send out over nine billion spam e-mails a day, almost five per cent of all global spam traffic, according to a report from network and internet…


Personalized Spam

The Times of India has an article entitled This Spam is Just For You!  The article is awkwardly written and I don’t think that the point comes across very well, so I thought I’d rewrite some of it. SAN FRANCISCO: Yes, guys, those spam e-mails for Viagra or baldness cream just might be directed to…


The trouble with SMTP

SMTP, or Simple Mail Transfer Protocol, is the Internet protocol that the world uses to transmit email.  Its advantage is that it is simple to use (so simple, even a caveman could use it! But on a side note, I did not save 15% or more with Geico; in fact, by using them, it costs…


Sometimes security restrictions are annoying

As I relate some of my travels, I often observe how many security leaks there are in everyday life.  But sometimes, security precautions can be annoying. I was traveling in Europe last week, and then I made a connecting flight back to Canada through Montreal.  However, I forgot to tell my credit card company that…


Security only works if you follow procedure

I’ve been traveling the past two weeks, which explains the dearth of posts in this blog.  But as I’ve been traveling, I’ve noticed that when it comes to security, there are some major gaps in the system. Take airports, for example.  I was waiting in an airport, about to travel back from Europe to the…


So true

As I moved from Spam Analyst to Program Manager, I have gone from project-implementer to project-driver.  In the cartoon below, I think I now identify with the person on the left. Source.


The intangibles

When it comes to spam filtering, it’s the intangibles that make the difference. Simply running a spam filter and hoping that it will filter out all of your spam is unrealistic because after years of experience, I have learned that defense-in-depth, when it comes to filtering, is the best option.  Using an IP blacklist is…


A conspiracy theory

Over the past few weeks, there have been a number of instances where some of our outbound customers have been compromised and started sending out spam. An abnormal amount of them have occurred on weekends, the times when myself and another spam analyst are out of the office.  Is this a coincidence?  It seems too…


Infection rates by country

Continuing on in my theme of picking interesting pieces of data from Microsoft’s latest Security and Intelligence Report (of which I am a credited author), I thought I’d take a look at where malware infected computers are most likely.  Below is a picture of the distribution of infected hosts: That little blurb at the bottom…