Will public embarrassment cause brands to weed out botnets and tighten security? SpamRankings hopes so.
Would you avoid doing business with a company that doesn’t carefully protect its computer system from hackers? It probably depends.
If you’re buying a cheeseburger you likely don’t care about the back office’s security measures–but consider a hospital that has your social security number, credit card information and private medical records on file. If you discovered that hospital is a regular victim of computer hackers, you might reconsider your options for care, or at least raise a fuss with administrators.
Researchers at The University of Texas at Austin are conducting a spam tracking experiment to see if the threat of reputation damage will encourage organizations to improve computer security. Their laboratory tool is SpamRankings.net, a website that publicizes the world’s biggest spam havens.
Spam = Compromised Security Procedures
Poor computer security is at the heart of both spam and data theft. Spammers use what are called botnets to send spam using computers hijacked without the knowledge of their legitimate owners. Computer systems infected with botnets are likely targets for other malfeasance, including theft of data, which puts consumers at risk.
“Outbound spam is a proxy for poor organizational security,” explains Dr. Andrew Whinston, the e-commerce sage at The University of Texas at Austin, “because outbound spam indicates botnets, botnets indicate vulnerabilities, and vulnerabilities indicate susceptibility to other malware, including phishing, DDoS, and identify theft.”
Whinston and his research team wondered what would happen if they published lists of the top spam havens. Will public embarrassment cause brands to weed out botnets and tighten security?