With all the hype associated with “cloud computing,” I decided to do some testing of the world’s public cloud infrastructure over the past few days. I was not trying to boil the ocean, but had a very specific hypothesis and set of tests in mind.
Conventional wisdom suggests that unsolicited commercial email (UCE), also known as spam, originates from compromised computers all over the world, and I have every reason to believe that spammers use this technique. My hypothesis, however, is that public cloud infrastructure is a major source of spam on the Internet.
These days, basic cloud computing resources are available at very low cost from a variety of cloud providers. Many of the computing product vendors are building and selling cloud computing platforms that include various combinations of server, network, and storage hardware and software. For spammers, cloud computing advantages include pristine platforms, 24x7 uptime, business-class Internet bandwidth and a range of static IP addresses. Public cloud infrastructure is the computer industry’s gift to spammers.
Here’s how it works. Using their own money or a stolen credit card, a spammer can rent enough cloud computing resources from multiple cloud providers to send large amounts of spam for a few days or weeks. These cloud resources start from a clean slate with no operating system, so the spammer does not have to hack into other computers to create a zombie botnet. The spammer can install their spamming application and operating environment and send spam at a rate just below the threshold that the service providers might notice (either in bursts or in total number of messages) until the spam complaints and credit card fraud complaints start arriving. The spammer then closes the account (or the cloud provider closes it) and moves on to another cloud provider. The cloud providers certainly have legitimate business customers who are not spammers, and it can be difficult to weed out the spammers. If the spamming organization does well enough, it can become its own cloud provider and offer cloud computing resources to other businesses (including other spammers) while allocating some of the cloud resources to its own spamming operation.
Read the full article with test results.
Action Item: Every cloud service provider and enterprise using a cloud solution (public, private or hybrid) should be using some form of outbound spam filtering. These solutions help cloud service providers, and the businesses that use them, maintain their reputation and avoid getting on the spam blacklists.
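As an added illustration (not part of the original article or its tests), here is a minimal sketch of the per-account check an outbound filter might run over an SMTP relay log, applying both a burst limit and a cumulative limit so that a sender pacing itself under one is still caught by the other. The threshold values, account names and log format are assumptions made for the example.

```python
from collections import defaultdict, deque

# Assumed policy values for illustration; real limits depend on the provider.
BURST_WINDOW_S = 60   # sliding window length in seconds
BURST_LIMIT = 30      # max messages per account inside one window
TOTAL_LIMIT = 500     # max messages per account over the whole log period


def flag_senders(events, window=BURST_WINDOW_S, burst=BURST_LIMIT, total=TOTAL_LIMIT):
    """events: iterable of (epoch_seconds, account_id), sorted by time.
    Returns {account_id: set of reasons} for accounts breaking either limit."""
    recent = defaultdict(deque)   # account -> timestamps still inside the window
    counts = defaultdict(int)     # account -> cumulative message count
    flagged = defaultdict(set)
    for ts, acct in events:
        q = recent[acct]
        q.append(ts)
        # Drop timestamps that have aged out of the sliding window.
        while q and q[0] <= ts - window:
            q.popleft()
        if len(q) > burst:
            flagged[acct].add("burst")
        counts[acct] += 1
        if counts[acct] > total:
            flagged[acct].add("total")
    return dict(flagged)


def sample_events():
    """Constructed sample log, not real traffic."""
    events = []
    # acct-slow: 20 messages per minute for 30 minutes (600 total), never bursts
    for minute in range(30):
        events += [(minute * 60 + i * 3, "acct-slow") for i in range(20)]
    # acct-burst: 40 messages within 40 seconds, then silence
    events += [(100 + i, "acct-burst") for i in range(40)]
    # acct-normal: one message every 5 minutes
    events += [(i * 300, "acct-normal") for i in range(6)]
    return sorted(events)


if __name__ == "__main__":
    for acct, reasons in sorted(flag_senders(sample_events()).items()):
        print(acct, sorted(reasons))
```
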