There’s no denying that anti-spam filters are imperative in the fight against junk mail and malware, but no single solution is foolproof. Employing anti-spam and virus filters, stronger passwords, encryption, and so on is not enough to win the battle against increasingly sophisticated attackers. The Australian Communications and Media Authority has recently called for a system to notify website administrators when their sites have been compromised and references the practices of JPCERT, a Japanese Cyber-Clean program that helps users clean up their infected computers.
But all of these measures are reactive: we erect as many barriers as possible and then analyze what got through to see why it got through, but we are still faced with cleaning up the resulting mess. By the time we reconfigure the barriers, the spammers/malware creators are 10 steps ahead of us with umpteen variations of the original message and completely new content. It’s cat versus mouse, and right now the mice are so far in the lead that they’re just toying with us.
So what is the ultimate solution to put a major dent in their operations? I’d love to say I had a magic bullet, but unfortunately I don’t. I just wish we could turn the tables on these guys in real time. Technology already exists to detect and alert us about DoS/DDoS attacks, and to dynamically shut down incoming connections from errant broadcasting servers. But why can’t we take it a step further? I’d love to see an immediate reverse attack take place: as soon as the target mail server or website detects an incoming tide of junk or a malware-infected program, the server responds by unleashing a program that can travel backwards through the spammers’ broadcast network and temporarily disable every relay server in its path completely. (I say shut down the relays temporarily, to serve both as an alert to the administrators that those systems are being abused and as a warning to beef up security pronto!) The program likely couldn’t track down and disable the original source of the message, but stomping on the network would rank a close second-place finish. Anything to turn the tide on these jerks would be a major breakthrough.
I know there are a lot of smart people out there, and I would love to hear your ideas about how to build the ultimate mouse trap.
Is it up to the industry to come up with an answer to the ever-increasing flood of SPAM, or should the government step in? While I am not a fan of government intervention, if the government got serious and went after the SPAMmers initially and then went after the ISPs who allow this nonsense to permeate our daily lives, maybe we’d spend far less time fighting this stuff. We’re always going to have naive users who open SPAM email and respond. We need to stop them at the source.
The main problem I see with government intervention is that this is an international issue, so which country’s rules would prevail? Do you think Russia or China would care if the US imposed stricter punishments? It could only be effective if there were international standards and cooperation amongst law enforcement agencies across the board.