Discussions about spam seem passe in the security world these days. Spam was topical around 2003. Now we've progressed to other threats like botnets, Trojans and rootkits. Heck, in 2005 there were widespread reports that spam traffic had stabilized or even decreased.
I hate to be the bearer of bad news but there is more spam today than there was last year at this time (probably almost two times as much) and there will probably be another exponential increase in 2008. Today's spam is also more bandwidth hungry as a greater percentage of it includes graphics.
IT executives, network managers and chief information security officers should understand a few of the ramifications of this spam avalanche:
1. More spam traffic is a function of more network zombies. And if you don't know if you have any zombies on your network, you probably do. Invest some time to understand how to detect and remediate these nuisances.
2. If your spam filter vendor claims to block 90 percent of spam, the 10 percent it doesn't block is a bigger number every day. That is why the market is really coming around to leading antispam vendors like IronPort and Symantec and eschewing inferior solutions.
3. More spam means more phishing attacks as well. This should be another area of concern, especially for firms like eBay and Bank of America that are frequent targets.
This problem won't go away and there is no poor man's way around it. Security ain't pretty but it is more and more necessary all the time.