While most right-thinking people take steps to avoid, or at least limit, the amount of spam that drops into their email inbox, one Internet security company has actually created 2.5 million separate email accounts in the hopes of attracting as much malicious spam as possible. Symantec, the Internet security giant, created the dummy accounts—along with unmanned Twitter accounts and blogs—and then did nothing with them, in order to find out how much junk mail, and how many spam comments, they can attract simply by existing. It’s all part of a larger research project aimed at increasing cybersecurity by building a huge database of the tactics, techniques and procedures used by cyber-criminals.
Sitting in the company’s suburban Washington data center earlier this week, the company’s vice president of research, Joe Pasqua, explained that all of this information is being funneled into one constantly growing database available to researchers.
Part of the Worldwide Intelligence Network Environment (WINE) program, the “up to the minute” information is “a way to stimulate and energize research in the security domain,” Pasqua explained, adding that “the kind of data we’re making available is going a long way toward determining attribution” for cyber-crimes by allowing university and government-sponsored researchers to mine it for patterns, and to trace spam and malicious code back to their point of origin.
Researchers will only be allowed to access the information at the company’s Herndon, Va., and Culver City, Calif., facilities, but any work they produce is their own, Pasqua said, stressing that the company is not selling the service or making any profit from it.