- Media Center
- About M3AAWG
- Members Only
M3AAWG Workshop on Fighting Spam and Bots Oct. 29, 2012 - FICCI Federation House, Tansen Marg, New Delhi 110001
Agenda and information for
18 January 2013, 10:00 a.m. – 5:00 p.m.
Courtyard by Marriott Mumbai International Airport,
Andheri Kurla Road, Mumbai
The M3AAWG workshop is one of a series of private meetings prior to the
3rd Worldwide Cybersecurity Summit: The Next Billion Netizens Connect
– Meeting the Challenges
Best Practices to Address Online and Mobile Threats co-developed by M3AAWG and the London Action Plan; submitted to the OECD
Why India? An overview of the problem and M3AAWG approach:
4-Page white paper brochure on Indian service providers and
the Messaging, Malware and Mobile Anti-Abuse Working Group
M3AAWG Workshop on Fighting Spam and Bots
October 29, 2012 - New Delhi, India
Workshop summary presentation and report: Stopping Cyberspace Pollution – International Cooperation on Fighting Spam and Botnets (including readout from Monday M3AAWG workshop)
Download the workshop agenda.
10:00-10:30: Official Welcome
Dr. R. Chandrashekhar, Secretary, Department of Telecommunications,
Ministry of Communications and Information Technology
- Karl Rauscher, Chief Technology Officer, EastWest Institute
- J. Satyanarayana, Secretary, Department of Information Technology, Ministry of Communications and Information Technology (TBC)
- Dr. Arbind Prasad, Director General, Federation of Indian Chambers ofCommerce and Industry, FICCI
- Dr. Kamlesh Bajaj, CEO, Data Security Council of India
10:30-10:45: Coffee & Tea
10:45-10:55: Opening Comments and Workshop Objectives
Michael O’Reirdan, M3AAWG Co-Chairman, Malware and Comcast Engineering Fellow
10:55-11:40: Session 1 - The Spam Problem
Worldwide, most spam is sent via "bots," that is, through malware-compromised end-user systems centrally controlled by "botmasters." Another major spam source is unsolicited bulk email sent by spammers from servers located in ISP datacenters. Over time, malware authors, botmasters and spammers have spread worldwide, concentrating themselves in different locales, victimizing one region after another in turn. This is a worldwide problem, previously faced by ISPs in the United States, Europe, the Far East and elsewhere. Today, we will talk about the threats posed to Indian ISPs and their customers from spammers and botmasters, and what can be done about it.
Specifically, this discussion will include cost-effective strategies for directly dealing with the spam problem, with technical as well as best practice and policy-based measures to mitigate spam. Measures such as port 25 “outbound SMTP” management, setting an Acceptable Use Policy, and AUP enforcement will be discussed in this and subsequent sessions. We will also cover some of the strategic, nationally-scaled impacts that might be difficult to subsequently correct if left persistently unaddressed now, including widespread spam block listing “deliverability” issues for Indian network IP address ranges that are significant sources of spam, and a broad blacklisting of dot-in domain names. India is part of a global “ecosystem” of spam and malware in more than one way on the Internet, as well as part of the online fraud ecosystem, ranging from fake pills to “call centres” scamming users with fake virus threats and loan scams.
- Suresh Ramasubramanian, IBM SmartCloud iNotes Antispam Architect
11:40-12:30: Session 2 -- The Bot Problem
While there is still a substantial spam problem, the bot problem is the modern scourge that has replaced the issue of spam for many ISPs. Driven in most cases by criminals, malware is created to perpetrate economic crimes upon unsuspecting users, and ISPs are being held to account for a situation that is not wholly their problem. In many countries the role of the ISP is seen as detecting bots and notifying end users, but the other players in the ecosystem – such as AV vendors, OS vendors, and software vendors – need to step up as well. Remediation is the big issue and the tools offered are not always very useful or effective. This session will give an overview of the approaches to the bot problem undertaken globally and explain how an ISP looking to deal with the bot and malware issue can get started.
- Michael O’Reirdan, M3AAWG Co-Chairman, Malware and Comcast Engineering Fellow
- Ram Mohan, Afilias Limited Executive Vice President and Chief Technology Officer
Speaker: Communications and Information Technology Secretary J. Satyanarayana
13:30 -14:15: Session 3 – The Mobile Problem
Mobile spam, malware and other mobile abuse have grown rapidly, driven by the ascent of mobile data. What were once national issues are now international, with cross-border attacks on the rise. While inheriting much from the non-mobile space, mobile attacks and defenses are different. What do government and industry need to do? A number of innovative defense approaches are discussed, and key resources and forums where the industry can learn together and share this information are identified.
Moderator: Alex Bobotek, M3AAWG Co-Chairman, Mobile and AT&T Labs Lead of Messaging Anti-Abuse Architecture and Strategy
14:15-15:00 Session 4 -- Solutions from the Around the Globe
Around the world service providers, IT vendors, non-profits and governments have worked to create solutions to the difficult problems discussed today across messaging, malware and mobile. This panel session introduces several of those solutions that are ready to be adopted more broadly.
Moderator: Kevin Sullivan, Microsoft Principal Security Strategist, Global Security Strategy and Diplomacy team
15:00--15:30: Session 5 – Public Policy: A Solution or a Problem?
A review of public policy activities within M3AAWG and a roundtable discussion of public policy issues impacting cybersecurity, including a focus on specific issues impacting ISPs and ESPs globally. Anticipated to be an open discussion with meeting attendees.
Moderator: Chris Boyer, M3AAWG Public Policy Co-Chair and AT&T Services Vice President of Public Policy
15:30 –16:30: Session 6 – Participants’ Round Table Report on Next Steps
Each table creates and reports three proposed next steps, of which one should be technical or operational in nature.
Jerry Upton, M3AAWG Executive Director