Archive for July, 2013

Dirty Dozen: Top 12 Spam Countries Identified

July 22nd, 2013

Researchers identified the top 12 spam-relaying countries in its “Dirty Dozen” report that analyzed spam volume between April and June of 2013. The analysis determined the extent to which computers in a given country are used for delivering spam.

Three new countries entered the top 12 while several other countries — France, Peru and South Korea — fell off the list. Spam volume in countries sometimes mirrors population.

Spam messages, which are often viewed as unwanted messages pitching pharmaceuticals and pornography, also pose a serious threat. The unwanted messages can include phishing schemes and malware, and spammers have been seen pushing investment scams and other fraudulent activities,.

This season, Germany came in 12th overall for being responsible for relaying 2.5 percent of spam globally. The country is also known for receiving the most malicious spam messages, often laden with malware or links directing users to phishing attack pages. A report issued last year had Germany at the top of the list for pushing backdoor Trojans and other malware linked to the Zeus family of banking Trojans.

Russia is known for being the home of many financially motivated cybercriminal organizations, but it came in 11th overall on the Dirty Dozen list for pushing only 2.6 percent of spam globally. Law enforcement believe it also hosts major money laundering operations associated with credit card theft and malware attacks designed to drain bank accounts. Interestingly, the Republic of Belarus, which borders Russia to the northeast, has the title of having the most spam relayed by proportion to its population.

Italy came in 10th on the Dirty Dozen list for pushing about 2.9 percent of spam globally. Spammers have been quick to jump on news headlines in Italy to get people to open their messages. In 2009, a 6.3-magnitude quake was used as bait in a phishing campaign. Spammers have also used ongoing controversies surrounding Italian Prime Minister Silvio Berlusconi to lure people into clicking on links in the messages.

Argentina is a newly listed member of the Dirty Dozen list, earning the No. 9 spot for pushing 3.1 percent of spam globally. Despite being newly added, the country has aggressive spam laws. The South American country has a government agency that investigates spam incidents and has the power to levy stiff fines against spammers.

Kazakhstan, a Russian speaking country in central Asia, is also a newly listed member. It earned the eighth place title on the Dirty Dozen list for pushing 3.3 percent of spam globally. Malware and phishing are common in spam messages in Kazakhstan and several other top countries, with a correlation between the spam messages and incidents of piracy. Pirated copies of Windows and other un-updated software often contain vulnerabilities that can be exploited by malware attachments in spam messages. Pirated software also often contains malware that can make the system part of a global botnet that spreads spam.

Spain earned the No. 7 spot on the Dirty Dozen list. It pushed 3.4 percent of spam globally. Spain also earns credit for having a large amount of attack messages, spreading worms, ransomware and spyware, according to security experts.

India earned the sixth spot on the Dirty Dozen list for pushing about 3.6 percent of spam globally. Attackers often rent out spam servers for their campaigns and can even design a specific campaign for a region. We recommend users keep their systems patched, including their browser and its components. Antivirus software should also be receiving regular updates.

Taiwan earned the No. 5 spot on the Dirty Dozen List for pushing slightly more than 3.6 percent of spam globally. The list doesn’t explain where the spam originates, only how it gets relayed from spammers to their victims. Systems that are infected with malware are often turned into spam relay systems as part of a global botnet operated by a cybercriminal abroad.

Ukraine is a new entrant on the Dirty Dozen list. The eastern European country peddled 5.5 percent of spam globally, earning it the fourth spot on the list. Ukraine is believed to be the home of a long-running pharmacy spam operation. The spammer behind the operation, known for sending 10 million or more messages daily, uses Chinese Web hosting for the operations and botnets to spread the messages,

China earned third place on the Dirty Dozen list for relaying 5.9 percent of spam globally. China is home to the Vincent Chan gang, an organization ofChinese partners that have been sending spam for years.The Vincent Chan gang, which mainly spreads messages touting online pharmacies, is listed at the top of the list of worst spammers, according to a list maintained by spam-fighting organizations.

The eastern European country of Belarus earned second place on the Dirty Dozen ist. The country has pushed 11.7 percent of spam globally. The country has been at the top of similar lists in the past. The country is responsible for relaying more than 3 million spam messages per day.

The United States retained the spamming crown on the Dirty Dozen list, sending 13.8 percent of spam globally. The U.S. population and its robust Internet connectivity help it retain the leadership position. Three spammers that are on the worst spammer list: Quick Cart Pro, Yair Shalev and iMedia Networks. Quick Cart Pro, an operation with ties to Russia and Canada, promotes fake pharmaceuticals. Yair Shalev, a high-volume spammer, uses the showshoe method to send messages, spreading out spam across many IPs and domains, in order to dilute reputation metrics and evade filters, and iMedia Networks, operated by Michael Lindsay, is a spam-hosting operation serving bulletproof hosting at high premiums to well-known spam gangs.

If you want to protect your network from Spam please contact The Computer Company at

800 418 2358

To learn more please go to our website

http://www.computercompany.net/Networking_Security.htm

 

 

By Robert Westervelt, CRN

How to Build a Highly Effective and Cost-Efficient Disaster Recovery Plan

July 15th, 2013

Small and midsize businesses have an opportunity to significantly improve their disaster recovery plans at a cost-efficient price point through a combination of virtualization and advances in storage technologies. Even organizations that have infrastructures with 10 or fewer physical servers can save money and increase protection by implementing an end-to-end approach to disaster recovery, delivering better protection, faster recovery times, reduced downtime costs and improved business availability and continuity.

It’s an opportunity that should not be ignored. All businesses these days are more dependent than ever on the availability of their IT infrastructures to deliver products and services to customers. We are in an era of 24/7 global operations, and any downtime can be costly. Significant downtime can be downright crippling: According to one study, 43% of companies that suffered a “major loss” of data went out of business immediately, while another 51% had to permanently shut down within two years.
Furthermore, a recent  study showed that the cost of data center downtime now averages $5,600 for every minute that the IT infrastructure is not available.Only 6 percent of companies survive longer than two years after losing data. Unfortunately, too many businesses are not getting the message.
Approximately one-third of companies surveyed  said they had no disaster recovery plan in place, and 10% said they didn’t even have plans to develop one.  The most common reasons cited by the companies were disaster recovery plans are too complex, are not being pushed by top management or are just too expensive. However,virtualization and network storage technologies have changed the game for disaster recovery, making today’s solutions less complex and less expensive to deploy. Given these technology advances, combined with the risks of downtime and lost data, there should no longer be any excuses for businesses of any size to not deploy an adequate disaster recovery plan. For SMBs, it shouldn’t be a question of why a disaster recovery plan is needed, but how to put an effective disaster recovery plan in place. This article will focus on some of the fundamentals you need to build and sustain a cost-efficient disaster recovery plan for your small or midsize business.

Building blocks for disaster recovery

One of the keys to building a successful disaster recovery solution is to identify the requirements of your business for recovery. What would be the cost impact if certain applications were unavailable for a specific period of time? What are your recovery point objectives (RPO) and your recovery time objectives (RTO)? Do these vary from application to application? When you examine your goals, you are likely to find that traditional methods of disaster recovery are no longer cost efficient for SMBs. The idea of creating a separate mirrored data center is cost prohibitive and unnecessary. In today’s environment, the most effective disaster recovery solutions are built on a foundation of key technologies: virtualization and networked storage.

Virtualization has truly changed the paradigm for disaster recovery. In traditional non-virtualized environments, organizations have to set up a mirrored infrastructure. This means spending money to buy, deploy, manage and support a duplicated data center, with a duplicated server infrastructure and a duplicated network environment. In addition, the IT department must establish and oversee the processes and procedures for restarting servers and operating systems, re-launching applications and getting users back up and running all while deploy- n resources to determine the impact of the disaster and how much and which data was lost. In a virtualized environment, you no longer need duplicate mirrored systems. By separating the hardware from the underlying software, youare able to create an image of your product- tin virtual machine and replicate that on a second virtual machine, which can be located anywhere. You no longer need to invest nearly the same amount in additional equipment facilities, power, cooling and management. For many organizations, best practices still dictate the need for a separate disaster recovery site, but the costs involved in creating and managing that site in a virtualized environment are far lower than they are in a traditional environment.

Network storage is another building block that is changing the face of disaster recovery. Major technology advances such as automated tiering; storage virtualization, snapshotting, compression and reduplication have significantly simplified disaster recovery processes, while introducing major cost
efficiencies in backup, replication and recovery. With networked technology solutions, your entire storage infrastructure can be far more effective in addressing backup and recovery challenges, particularly in today’s environment, where storage volumes are growing dramatically. Integrated reduplication reduces the amount of files you have to save and creates a single, current version of each
file. Automated tiring moves data to appropriate storage devices throughout its lifetime, enabling your organization to extend the lifecycle of older devices so that they can be used at a failover site for disaster recovery purposes. Storage virtualization allows you to centralize management of your entire
storage infrastructure so that is appears as a single device. Snapshotting can dramatically improve RPO and RTO by enabling you to accurately pinpoint when your systems went down and where to begin the recovery process.

Building a cost-efficient disaster recovery solution putting n place the essential building blocks of virtualization and network storage backup will put you on the path toward a successful disaster recovery solution. But he ultimate success of your plan will be contingent on choosing the right platforms, tools and partners. You want to make sure that your storage and virtualization solutions give you the ability to manage your disaster recovery environment from a central location so that you can speed all of your processes, from deployment and provisioning through monitoring, testing and validation. You also want to make sure your storage and virtualization vendors are closely aligned
with integrated solutions that have been designed to work together to enable efficiencies in managing your policies and processes. Here are some of the key considerations in building a cost-efficient disaster recovery solution on a oundation of virtualization and network storage:

Centralized management: In the event of a disaster, you want to be able to manage your recovery operations from a single console so you can coordinate activities more quickly and efficiently. This will result in significant cost savings, not only when a disaster occurs, but also in the ongoing processes of provisioning, monitoring, testing and validation.

Increased automation: The ability to automate key functions of disaster recovery is a major advantage of a virtualized environment. With the proper platform in place, you should be able to automate the entire recovery and migration process, including failover and site migrations, leading to far faster recovery and much ess chance of human error. Automation will also help you simplify testing of recovery plans, which is often an import- tent requirement for compliance purposes.

Updated storage technologies: Automation is a major factor in reducing risk of failure in your storage environment. Automated snapshots can capture data at any given point in time, and your organization has the ability to determine how often those snapshots should take place, depending upon defined factors based on how much risk you are willing to take. Storage-based replication enables you to improve performance at lower costs. Features such as automated tiring and automated reduplication will make your entire storage infrastructure more efficient by reducing the amount of data you are storing and ensuring that where you are storing your data is appropriate to its age and value to your organization.

The time has come for SMBs to get serious about disaster recovery. The threats are increasing, and the impact of a disaster can be devastating. What’s more, through virtualization, advanced storage technologies and disk-based backup, the costs and complexities involved in disaster recovery are much more manageable than ever before.

Need more information to create a Disaster Recovery plan for your compnay, contact The Computer Company 800 418 2358

http://www.computercompany.net/DataCenter_Disaster_Management.htm