Technical experts say banks and techies can make spam history, if they cooperate.
But diplomatic relations between the US and China stand in the way, according to a report led by the US EastWest Institute and the Internet Society of China.
“A simple truth is that, given the profound economic and other critical interdependencies between China and the US, their mutual mistrust in cyberspace cannot be ignored. It is a very imposing impediment for their shared future.”
It said its report, Fighting Spam to Build Trust (pdf), was an exception during “a time when heated verbal and written exchanges between our two countries are the norm”.
The report is significant because the two nations were regularly reported to be the among the sources of most of the world’s spam.
Thirty-four experts proposed in the report “early, careful steps” to combat spam, including that an international forum be established between the US and China.
“The network operators, internet service providers and email service providers of China and the US, along with peers in other nation-states, should establish a forum where regular cooperation can be fostered with the aim of reducing spam in cyberspace.”
Best practice guidelines
|
It should be formed by linking existing anti-spam forums in both countries, and operated according to 46 established best practices to be adopted by network operators.
It should also operate alongside an “international spam-fighting industry organisation”.
The US and China governments would need to step aside and allow the industry to write spam-fighting policy and be ready to implement them, the report stated.
If governments were to mandate policy, it would create “suboptimum network performance and reduced industry flexibility” to fight spam.
The report will be discussed at the EastWest Institute’s Cybersecurity Summit in London today.
Follow the money
But a separate report (pdf) claimed spam is better fought by blacklisting banks that make money off the back of the illicit trade.
Researchers from the universities of California, Berkley and Budapest, said three banks in Azerbaijan, Denmark and the West Indies island of Nevis were responsible for converting into hard currency 95 percent of spam-advertised pharmaceutical, replica and software products.
The three-month study polled 15 million URLs and bought about 100 spam-advertised items.
“It appears plausible that such a ‘financial blacklist’ could be updated very quickly (driven by modest numbers of undercover buys, as in our study) and far more rapidly than the turn-around time to acquire new banking resources – a rare asymmetry favouring the anti-spam community,” the report read.
“[If] US issuing banks were to refuse to settle certain transactions [such as card-not-present transactions for a subset of merchant category codes] with the banks identified as supporting spam-advertised goods, then the underlying [spam] enterprise would be dramatically demonetised.”
It pointed out that the US already restricted issuing banks from settling some online gambling transactions.
Researchers also said the relationship between the elements of the spam chain – such as botnets and domains, name servers and hosting or proxy services used – must be understood because they have only been examined in isolation.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
