The Pathogenesis of Dark Traffic Attacks
by Soeren Bech - Wednesday, 29 March 2006.
Email is without a doubt vital to almost all businesses today. Unfortunately, the vast majority of emails now passing across the Internet consist not of essential business messages or even personal correspondence, but spam.

Surveys of businesses and other organisations that rely on the Internet for their communications show that around 83 per cent of inbound email traffic is either spam or other types of illegitimate messages. Together these are known as “dark traffic”.

A Growing Problem

As well as straightforward spam, dark traffic comprises directory harvest attacks (DHA), email denial of service (DoS) attacks, malformed SMTP packets, invalid recipient addresses, and other requests and communications unrelated to the delivery of valid email messages.
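Two of the categories above, directory harvest attacks and invalid recipient addresses, show up in the SMTP envelope rather than in message content. The following is an added example, not part of the original article, that measures both from a mail log; the log format, the thresholds and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in a made-up "ip= rcpt= code=" format (not a real MTA log).
# 250 = recipient accepted, 550 = no such recipient.
SAMPLE_LOG = """\
10:00:01 ip=203.0.113.7 rcpt=aaron@example.com code=550
10:00:01 ip=203.0.113.7 rcpt=abby@example.com code=550
10:00:02 ip=203.0.113.7 rcpt=adam@example.com code=550
10:00:02 ip=203.0.113.7 rcpt=alan@example.com code=550
10:00:03 ip=203.0.113.7 rcpt=alice@example.com code=250
10:00:03 ip=203.0.113.7 rcpt=albert@example.com code=550
10:04:10 ip=198.51.100.20 rcpt=alice@example.com code=250
10:04:11 ip=198.51.100.20 rcpt=bob@example.com code=250
10:07:30 ip=198.51.100.33 rcpt=alcie@example.com code=550
10:12:30 ip=198.51.100.33 rcpt=alcie@example.com code=550
10:17:30 ip=198.51.100.33 rcpt=Alcie@example.com code=550
"""

LINE_RE = re.compile(r"ip=(\S+) rcpt=(\S+) code=(\d{3})")

def summarize(log_text):
    """Per source IP: RCPT attempts, 550 rejections, distinct rejected addresses."""
    stats = defaultdict(lambda: {"attempts": 0, "rejected": 0, "unknown": set()})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # skip lines that are not recipient results
        ip, rcpt, code = m.groups()
        stats[ip]["attempts"] += 1
        if code == "550":
            stats[ip]["rejected"] += 1
            stats[ip]["unknown"].add(rcpt.lower())  # retries count once
    return stats

def flag_dha(stats, min_unknown=5, min_ratio=0.8):
    """Sources that probe many distinct nonexistent recipients (thresholds assumed)."""
    return sorted(
        ip for ip, s in stats.items()
        if len(s["unknown"]) >= min_unknown
        and s["rejected"] / s["attempts"] >= min_ratio
    )

def invalid_recipient_share(stats):
    """Fraction of all recipient attempts that named a nonexistent address."""
    attempts = sum(s["attempts"] for s in stats.values())
    rejected = sum(s["rejected"] for s in stats.values())
    return rejected / attempts if attempts else 0.0
```

Counting distinct rejected addresses rather than raw rejections keeps a sender who retries one mistyped address from being flagged alongside a source that walks through a list of guessed names.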

Most conventional spam is purely commercial in its intent, setting out to encourage Internet users to buy goods or services. Other messages are so-called “blended threats”, which use social engineering techniques to persuade recipients to open the message and, typically, activate a Trojan, virus or other malware.

But a growing percentage of dark traffic aims to cause damage or disruption to a company or to its IT assets.

Denial of service attacks delivered over email, for example, could take down a company’s mail servers, rendering it unable to do business online. More sinister still, cyber criminals can use a combination of hacking and spam techniques to “harvest” email addresses and user identities, opening the door to further attacks.


Email-based denial of service attacks could also be directed at network providers, with the knock-on effect of damaging the communications of dozens of businesses that outsource their email hosting.

The threat to corporate IT systems is by no means static. As the quantity of both malformed emails and outright spam grows, legitimate email traffic on the Internet is being drowned out by dark traffic. Industry estimates suggest that just 27 per cent of email traffic is technically valid. Of that valid traffic, two thirds consists of spam or other unsolicited mails.

Why Businesses Need to Act

The vast majority of email security systems in production today scan only for the content of the messages, relying on techniques such as keyword scanning. This means they will accept the vast majority of malformed messages as legitimate.

Dark traffic is forcing businesses to invest in additional bandwidth, storage space and CPU capacity just to collect, store and forward enormous quantities of unwanted email traffic.

The very high ratio of illegitimate messages to legitimate mail forces companies to invest more and more resources in building spam detection and filtering systems. For some businesses, the need to scan the content of a vast amount of email, just to find the relatively small proportion of real messages, creates serious bottlenecks within the IT infrastructure.

Copyright 1998-2013 by Help Net Security.