Spammers May Be Hoping for Looser China Net Policies

By Matthew Hines  |  Posted 2010-01-21 Print this article Print

As the Chinese government reconsiders its recent ban on individuals attempting to register its designated .cn domain names - in response to massive outcry over the newly implemented rules from its online population - they may have an unexpected constituency hoping that they do indeed reverse their course - spammers.

Security researchers have tracked significant shifts in the spam and malware community in the last several weeks since the China Internet Network Information Center (CNNIC) first began enforcing its current ban on individual .cn registrations in mid-December.

For while the policy is being decried as an affront to the personal freedoms and Internet rights of China's billions of residents, it does appear to have had an affect on stopping some abuse of China's electronic infrastructure.

Long a breeding ground for nefarious parties of all stripes, including Canadian pharmacy spammers, the ban on registrations has forced many of those attackers offline, researchers contend. Under the rules, only registered businesses may now claim the domains.

And according to experts with Symantec, after contributing 30-to-50 percent of all URL spam in 2009, the volume of .cn spam has been rapidly on the decline since the CNNIC rules went into affect.

"It appears that the drop is due to the recent enhancement in domain registration procedures introduced by China's Internet Network Information Center (CNNIC)," Researcher Samir Patil said in a recent blog post.

The expert said that information collected by the Symantec Probe Network shows that the volume of .cn spam fluctuated at around 40 percent until December 11 when the rules went into affect. After a brief spike in Canadian pharma spam volume on December 13, the .cn spam volume plunged to around 20 percent and has held steady since.

With the recent wave of major IE zero day attacks leveled at massive U.S. companies including Google, dubbed Operation Aurora, being traced back to China, the world is watching the nation closely with the understanding that its Web policies and infrastructure will continue to play a major role in affecting the future of online security.

The CNNIC policy issue highlights just how challenging it will be for the nation to improve its Web security footprint while still allowing its citizens greater online freedom. While some experts may point to the existing policy as helpful to the worldwide community in the short term, very few would likely support the Draconian approach to regulating personal online freedom.

And, if a rules revision allows for personal domain registration, but includes significant checks by the agency into the people applying for the .cn addresses, which has reportedly been proposed by CNNIC, that could allow for greater freedom and potentially improve security issues.

The current CNNIC rules were enforced specifically to cut down on pornography and other wanted activities, and appear to have had a positive affect in some cases of slowing abuse.

However, Netizens around the globe will have to carefully consider whether they more greatly value online freedoms, or improved security, in attempting to influence the nation's future policies.

Follow eWeek Security Watch on Twitter at: eWeekSecWatch.

Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to |

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel