|
The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) started as a group of internet service providers, mobile network operators, telecommunications companies and infrastructure vendors, and anti-spam technology vendors in early 2004 to fight spam and help protect end-users. In the spirit of collaboration, it expanded to include email service providers and vetted parties interested in safeguarding the online ecosystem. The organization initially started as MAAWG, the Messaging Anti-Abuse Working Group, but as spam morphed into a widely-recognized vector for spreading malware and other threats,〔(BBC News,"Botnets: Hi-tech crime in the UK" by Mark Ward )〕 the organization changed its name to the Messaging, Malware and Mobile Anti-Abuse Working Group in 2012 to better reflect its scope of work. In the digital world today, spam is just the symptom; malware and botnets are the real pathology, and M3AAWG has become an international forum for sharing information about these and other threats on any messaging platform. The purpose of the group is to bring the industry together to work against bots, malware, spam, viruses, DoS attacks and other online exploitation.〔Financial Times, "Secret war on web crooks revealed" by Maija Palmer, June 15, 2009 ()〕 It is one of the largest global organizations working against all forms of messaging abuse and represents over a billion mailboxes among its global membership. ==Overview== M3AAWG has three levels of membership: * Supporter, which is the least expensive and most popular level of membership * Full, which has additional privileges such as the option to chair a committee * Sponsor, which may include a seat on the Board of Directors As of August 2015, the M3AAWG Board of Directors includes AT&T (NYSE: T); CenturyLink (NYSE: CTL); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Facebook; Google; LinkedIn; Listrak; Mailchimp; Message Systems; Orange (NYSE and Euronext: ORA); OVH; Return Path; Time Warner Cable; Verizon Communications; and Yahoo! Inc.〔(M3AAWG Member Roster )〕 The role of M3AAWG is to bring various aspects of the industry together to discuss related anti-abuse issues and, based on this cooperative effort, produce best practices, public policy comments, white papers and other materials that are available to the industry from the (M3AAWG ) website. It also provides an opportunity for professionals to share abuse information and their experience with their peers. M3AAWG has (36 papers and best practices ) on a variety of topics as of August 2015, with new documents addressing evolving threats and issues consistently in development. Among the currently available published best practices is a document to help (hosting service providers ) prevent abuse that was jointly published with the (i2Coalition ), anti-abuse recommendations for (messaging service providers ), best practices for (high-volume email marketing senders and email service providers ), and an (updated white paper on email authentication ). M3AAWG published the first best practices for mitigating bot infections in residential networks in July 2009, which were incorporated into the IETF's (RFC 6561 ) a few years later. Although M3AAWG does not lobby on government or public policy matters, it does supply factual information to government organizations as they develop relevant policy or legislation,for example on anti-abuse issues with the proposed.〔Macworld, "SOPA hearing delayed, likely until early next year" by Grant Gross, IDG News Service, Dec. 20, 2011, ()〕 M3AAWG holds three members-only (meetings each year ), two in North America and one in Europe. The four-day long meetings are organized around multi-track conference sessions with colleagues and public policy representatives, best practices document working sessions, training courses and global networking opportunities. The meetings often are held in conjunction with other relevant organizations. In the past, M3AAWG has hosted the (London Action Plan (LAP) ), the GSM Association Security Group (GSMA-SG), the (Anti-Phishing Working Group ), and other associations at its meetings. In June 2015, M3AAWG jointly published the global (Operation Safety-Net ) best practices with the London Action Plan. The cooperative global effort by industry and government experts is written in plain language and describes common online threats that are currently facing businesses, governments and end-users along with the proven best practices to mitigate them. M3AAWG also publishes (Email Metrics Reports ) tracking the volume of abusive email using aggregated data provided by M3AAWG member ISPs, email providers and network operators and a (Bot Metrics Report ) detailing the number of subscribers identified as having a system infected by malware, also known a “bot." It also has conducted two surveys looking at consumers' email practices: In 2009, it published a survey of North American users titled "(Of Course I Never Click on Spam - Except Sometimes )" and in (2010 expanded the survey ) to cover both North America and Europe. The (M3AAWG YouTube channel ) has over 70 training, industry keynote and short topical videos on a wide range of computer security and cybercrime topics. Training videos range from how ISPs can identify and clean malware from customers' systems to a tutorial on using the Bettercrypto guide to more easily implement encryption. Keynotes include thought-provoking presentations on the state of the industry from renowned security experts Dr. Dan Geer and Brian Snow, among others. Among its many industry partners, the EastWest Institute presented its (EWI 2013 Cybersecurity Award ) to M3AAWG in recognition of its anti-abuse outreach (in India ) and China and for facilitating cybersecurity global collaboration. Other industry partners that participate in M3AAWG include the (APWG ) (Anti-Phishing Working Group), (DMARC.org ), (DNS-OARC ) (DNS Operations, Analysis, and Research Center), (ISOC ) (The Internet Society) and the (London Action Plan ). M3AAWG is a member of the ISOC (The Internet Society), LAP and DNS-OARC. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「MAAWG」の詳細全文を読む スポンサード リンク
|