Spam, employee abuse costing organisations dearly
24th February 2004 (The Star)
By CHARLES F. MOREIRA

KUALA LUMPUR: Companies are finding it tough to cope with the cost of the ever-increasing volume of unsolicited e-mail or spam, denial-of-service and virus attacks, and the inappropriate use of company Internet facilities by employees.

And the tide is rising, according to Piti Pramotedham, the Asia South managing director of Long Island, New York-based Computer Associates International Inc.

"In a recent survey, 80% of companies reported inappropriate Internet use by their employees," he said in Kuala Lumpur recently.

"The increasing volume of irrelevant data has forced companies to spend money to increase their information systems' bandwidth and storage capacity to cope with the increased load," he added.

This "inappropriate Internet use" leads to loss of employee productivity, and there is also the security risk of information leaks when confidential corporate information is sent out in e-mail by employees.

Market research firm IDC estimates that 70% of all e-mail in the United States and Europe in 2003 was spam, versus only 8% in 2001. Many companies have reported that about 24% of all their incoming e-mail is spam.

All this is estimated to have cost US businesses US$8.9bil (RM33.82bil) last year, while the cost to European businesses was estimated at US$2.5bil (RM9.5bil).

"The Malaysian Computer Response Team (MyCert) reported that out of 2,188 incidents in the fourth quarter of last year, 2,060 involved spam," said Pramotedham.

The MyCert Quarterly Summary (Q4) 2003 at www.mycert.mimos.my reported a 28% increase in incidents that quarter over the previous quarter.

There was an average of 65.7 incidents per month from January to June, with spam averaging a mere 5.8 incidents per month versus hacking threats (an average of 31.8 incidents per month), virus attacks (18.3) and intrusion incidents (4.2).

However, the total number of monthly incidents jumped from 75 in June to 502 in July and rose gradually for the rest of 2003.

Of that, spam averaged 558 incidents per month, while virus attacks averaged 69.2.

There were 856 incidents this January, of which 640 were spam and 164 were intrusion incidents.

"The key issue with spam is an organisation's or individual's right to reject it," said Pramotedham.

While technology is a key component in the fight against spam, just as important are educating employees and enacting strong legislation with adequate penalties for violators.

This is required to contain and reduce the incidence of the problem, "even though it can never be totally eliminated," he said after announcing CA's eTrust Secure Content Manager (eTrust SCM).

Multilayered protection

CA's integrated content security solution defends against spam, viruses and other malicious code, and filters URLs and e-mail.

It sits at the network's gateway to the Internet and uses seven security layers to protect the network.

"First is the 'global white list' containing allowed domains trusted by the organisation, followed by the 'global black list' of domains known to be sources of spam or viruses, and which the company has forbidden access to," said Anthony Ung, CA's Asia South senior consultant for eTrust.

Next is the "custom white list" which contains domain names that each employee trusts. However, the global black list overrides this custom white list.

Below that is the "real-time black hole list" or "RBL," containing lists of domains known to be, or suspected of being, sources of spam, viruses and so on.

These lists are normally provided free or for a small fee by Internet security companies, and are regularly downloaded to the security system.

"The domains in these RBLs are given a weighting based on their suspected or known threats. Based on several weightings on different RBL sites, eTrust SCM decides to block or allow them according to a user-configurable threat factor," said Ung.

eTrust SCM can be configured to either block the spam, tag it as spam and allow it through, or alert the user or system administrator.
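The list precedence and weighted RBL decision described above can be sketched as follows. This is an added example, not CA's code or eTrust SCM's actual logic: the class and field names, the sample domains and weights, and the rule that weights from several RBLs are summed and compared with the threat factor are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class GatewayPolicy:
    """Hypothetical model of the first four layers described in the article."""
    global_white: set = field(default_factory=set)
    global_black: set = field(default_factory=set)
    custom_white: dict = field(default_factory=dict)  # recipient -> trusted domains
    rbls: dict = field(default_factory=dict)          # RBL name -> {domain: weight}
    threat_factor: float = 1.0                        # user-configurable threshold
    spam_action: str = "block"                        # "block", "tag" or "alert"

    def rbl_score(self, domain):
        # Assumption: the weights from every RBL that lists the domain are summed.
        return sum(listing.get(domain, 0.0) for listing in self.rbls.values())

    def decide(self, sender_domain, recipient):
        """Return (action, layer) for a sender domain, checking layers in order."""
        d = sender_domain.lower()
        if d in self.global_white:
            return ("allow", "global white list")
        # The global black list is checked before the per-user white list,
        # so a user cannot re-allow a domain the organisation has forbidden.
        if d in self.global_black:
            return ("block", "global black list")
        if d in self.custom_white.get(recipient, set()):
            return ("allow", "custom white list")
        if self.rbl_score(d) >= self.threat_factor:
            return (self.spam_action, "RBL")
        # Not decided by any list: hand over to the antivirus and keyword layers.
        return ("continue", "content layers")

# Constructed sample policy; every domain and weight here is made up.
POLICY = GatewayPolicy(
    global_white={"partner.example"},
    global_black={"badmail.example"},
    custom_white={"bob": {"badmail.example", "newsletter.example"}},
    rbls={
        "rbl-a": {"bulk.example": 0.6, "newsletter.example": 0.9, "maybe.example": 0.4},
        "rbl-b": {"bulk.example": 0.5, "newsletter.example": 0.8},
    },
    threat_factor=1.0,
    spam_action="tag",
)

if __name__ == "__main__":
    for dom, user in [("partner.example", "alice"), ("badmail.example", "bob"),
                      ("newsletter.example", "bob"), ("bulk.example", "alice"),
                      ("maybe.example", "alice")]:
        print(dom, user, POLICY.decide(dom, user))
```

With this ordering, a per-user white list entry suppresses the RBL check for that user only, which is why the organisation-wide black list has to be evaluated first.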

Next comes the antivirus layer, which protects against malicious Java and ActiveX code, and the keyword scanner, which checks incoming and outgoing e-mail for user-defined words to guard against confidential data leaking out of the company and profanity coming in.

"Our customers who've used eTrust SCM have reported a 95% reduction in spam," claimed Pramotedham.

More information on CA's eTrust family of security solutions is available on its website at www3.ca.com/Solutions/Solution.asp?ID=271.