MAAWG is an organization that started up in response to the spam problem. Its official name is the Messaging Anti-Abuse Working Group, and they are meeting this week in Philadelphia to discuss all things abusive. I didn’t go this time around, but maybe in the future I will secure my attendance. DarkReading has an interesting article on the proceedings that you may wish to check out. An excerpt:
"Email [abuse] will remain substantial," says Michael O’Reirdan, chairman of MAAWG and distinguished engineer in national engineering and technical operations at a major U.S. ISP. Even so, O’Reirdan says he’d like for MAAWG to change its name to more than a messaging title to better reflect the evolving threats to ISPs and their users. [tzink: emphasis mine]
Other MAAWG members, such as Cisco, note that malware distribution via email has become less of a threat in developed countries. "Email as a malware distribution [vector] is somewhat dead except in emerging economies," says Henry Stern, senior security researcher for Cisco’s IronPort team. G-20 countries are now sending anywhere from 20 to 40 percent less spam this year than last, he says.
That’s, in turn, pushing spamming botnets out of the U.S. to lesser-developed countries with emerging broadband infrastructures. "It’s more lucrative for them to go outside the U.S. There’s a migration away from old email spam here" and to other methods, such as attacks on social networks, for instance, says Patrick Peterson, a Cisco fellow.
Indeed, over the past year, the threat landscape has changed and shifted in various fashions. The spam problem is not going away anytime soon. People will continue to spam, ad nauseum, forever. However, it is not the growth industry it once was. I liken spam to the railroad industry. Back in the 1800’s and 1900’s, railroads were the new and emerging transportation mechanism. They were growing by leaps and bounds and revolutionized domestic trade (in the United States) and international trade (in Europe). Trains could travel to places that boats could not. Nowadays, we don’t really see a lot of railway expansion. It’s an established industry. There is certainly plenty of maintenance but there are other ways to get goods around – by automobile or by plane. That being said, rails are not going away. They are a very efficient distribution mechanism of transporting lots of goods, such as grain, steel, automobiles or passengers. It is an entrenched part of our economy. But it is not the growth industry of today.
In a similar way, spam is not a major growth industry. It is harder for spam to get by filters and the spamming is done by more elite spammers. That does not mean that cyber-abuse has gone away, however. There are other attack vectors that have crept up over the past couple of years:
- Rogue antivirus
- Black search engine optimization (getting spammy webpages to the top of web queries)
- Hijacking of free web creation tools (like Blogspot or Live Spaces)
- Fast flux
- Social networking abuse
- Cyber riots in the form of DOS attacks against countries or services (like Twitter)
So you see, there’s a big chunk other than just spam. Botnets are behind most of it, but they are a distribution vector for accomplish all of the above in addition to spamming. To say it is only Messaging Anti-Abuse is too narrow in scope. It is a natural progression to widen one’s view when the nature of the threat changes.
A couple of years ago, I attended the CEAS – the Conference on Email and Antispam. They have since changed their name to the Collaboration, Electronic messaging, Anti-Abuse and Spam Conference (CEMAAS?). It’s catching in other places, so why not MAAWG? For every new communication medium, there will be someone who will attempt to take advantage of it and abuse it, and eventually organizations like MAAWG will have to figure out how to fix that one, too. That’s simply the way it is.