Is it time for a new category on this site - Splog? Maybe not yet, but spamming via weblogs (splogging) has gained a lot of attention after Google’s Blogger service was accused of being a "splog" breeding ground.
The attacker, or splogger, used automated tools to manipulate the
Blogger-BlogSpot service and create thousands of fake blogs loaded with
links to specific Web sites (home mortgage, poker and tobacco sites
among them). The move was designed to doctor search results and boost
traffic to those sites by fooling the search-engine spiders that crawl
the Web looking for commonly linked-to destinations.
One of the major problems with detecting and preventing spam on weblogs is that, unlike email, there are no readily available tools to detect and erase what may look like a legitimate blog posting or comment. Although keyword filtering may help, spammers are very good at evading such filters. In addition, unlike email, where a message’s headers can provide valuable clues to its legitimacy, a posting on a website does not carry much metadata that can help identify it as illegitimate.
Splogging seems to be a growing problem in the blogosphere. Mark Cuban officially warned Google that Blogspot will be excluded from Icerocket.com (the search engine he owns) unless Google get their s*$# together.
In the old days the biggest threat to a PC and its owner’s data was the 5.25" floppy disk that contained the latest and greatest version of the "Avenger91" (or something similar) virus on its boot sector. The virus would load into the 1MB of RAM, would stay "resident" until the owner changed floppy disks and then it would copy itself onto the new disk. This scenario shows how malware used to be distributed - one floppy at a time, one user at a time.
The times are changing. First, merely connecting an unpatched Windows PC to the Internet will give you an average of 12 minutes to protect it before it becomes infected (or becomes a "zombie") with a trojan or worm of some sort. Even if you survive these 12 minutes, merely by installing an "interesting" piece of software you might inadvertently "agree" to have a different piece of software installed which monitors your online activity and in the best-case scenario provides you with marketing opportunities or, very often, would secretly record your keystrokes or financial information and send it to a server in China, Brazil, Korea, or Romania.
While I try to paint a grim picture to illustrate a point, the reality is not far off. It is reported that researchers at Kaspersky Lab, a Moscow-based anti-virus company, receive 5,000 samples of malicious code each month, double what they received the previous year. According to Kaspersky Lab, approximately 80% of the pieces of code they receive (4,000/month) can be attributed to online criminals who make money through identity theft or hacking. For comparison, only 5% are written by hacker wannabes or "script kiddies."
With the increased criminalization of malicious software, companies such as Kaspersky Lab, Symantec, McAfee, etc. are facing a battle with organized crime groups and not just individuals sitting in their bedrooms and writing worms. Thus, it is increasingly important that computer security firms cooperate with law enforcement and legislation. While Symantec’s name and research can be very valuable in the United States, more often than not, the criminals would be in a country where Symantec’s cooperation with law enforcement is not as strong as in the United States. The idea of having computer security firms based in countries where computer crime is rampant is the best way to "put troops on the ground" where security experts can best evaluate the credibility of the threats and create relationships with local law enforcement.
While it may seem fruitless to base a computer security team in a place where computer crime laws are weak, non-existent, or unenforced, I believe that uncovering the problem is the first step to educating local legislation and law enforcement as to the potential for financial loss and public embarrassment. Places such as Romania, Brazil, Korea, and China are gaining notoriety for being lax on computer criminals and I believe that establishing local computer crime research labs will be helpful.