EU agency declares war on botnets

ENISA, a pan-European agency designed to promote closer coordination on information security, is calling for a revamp of cyber-security laws and best practices in a bid to combat the growing economic impact of cyber attacks and botnet spam. The adoption in Europe of US-style information security breach disclosure laws is a key …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Stop

    ISP's

    As mentioned so many times, why can't ISPs take a real lead in this?

    Letter to Bot Infected machine owner

    We have noticed that your machine on the date of xyz appears to be infected by one or more viruses, causing problems on the <ISP> network. Please check you have up-to-date anti-virus software. We recommend (blah blah blah) but there are others available, many free. Also ensure that your operating system has all the latest patches.

    URL of link to ISP page with links to major OS patches.

    Failure to rectify this issue will result in suspension of your account.

    If you have already removed the virus(es) blah blah blah....

    Everyone wins: ISPs get less traffic and possible tie-ups with AV vendors, the end user gets better connection speeds, and spammers get a harder time.

  2. Andus McCoatover
    Coat

    @Stu Reeves

    Er, wouldn't your suggestion be regarded as spam and be filtered out by the ISP's own anti-spam S/W (multi-messages)?

    Gorrit already.

  3. Coalescence

    Forget sending a mail

    Reroute any page that the infected user looks at to a holding page with the same anti-virus information.

    Would possibly stop any HTTP based vectors too.... maybe.

  4. Anonymous Coward
    Stop

    Pointless Venture

    It's worth noting that when looking at the geographical origins of botnet CC software and the compromised machines themselves, the EU region is by far and away the least of our (the ppl who suffer) worries.

    It's a FACT that most (around 80% internationally) of these botnets originate in the US and Asia... they just don't give a crap over there! Yes we could clean up our end but it's kinda futile when we have no control over the vast majority. Welcome to the free internet.

    Stop cos...

    Forcing more EU legislation onto ISPs is just pharping in the wind.

  5. Nexox Enigma

    ISPs?

    If an ISP was to drop service to some bot host, they'd probably lose a customer. Remember that corporations will do only what gets them more money, and botnets generate money, so they're probably here to stay for a while.

    The real problem is that Internet users have come to expect spam / popups / freezing and slow Windows machines, so they won't do anything about the problem. If the users aren't going to do anything, then the game is pretty much lost before it starts.

    Can't we make some sort of private secondary Internet that requires a license to get onto?

  6. RW
    Paris Hilton

    Only 6,000,000?

    Given the number of PCs on the planet running Windows (the primary target for botification) and the high incidence of malware, 6 million sounds suspiciously low. Perhaps one of our intrepid El Reg reporters will gird his loins, look into this more closely, and tell us all what the real figures are?

    Or is it that very little malware botifies its victims' PCs?

    I'm faintly surprised that the EU didn't propose forbidding the sale or distribution of operating systems that are prone to botification, but I suppose as usual MS has taken preemptive action to prevent this.

  7. Anonymous Coward

    Common sense?

    If spam costs $64Bn a year and earns the spammers $1Bn,

    wouldn't it just make sense to pay them $6.4Bn not to spam

    and to patch their bots?

    :-)

    Of course, this would never happen... but ISPs should be forced to take more responsibility by blocking outgoing port 25 for example for their subscribers, unless they request it. However, this wouldn't stop DDoS attacks on other ports or form, referrer spam etc.

    I wrote a nice system that blocks ssh attacks and sends a nice mail to the owner of the ip block, and it has had some success in notifying users of compromised machines.

    I expanded it to do the same for spam and other mail/ftp abuses... so far sending out hundreds of notifications per day. Most fall on deaf ears, bad abuse addresses etc, but some do get through to some responsible providers who at least make an effort to clean up some of their zombies.

    The whole reporting system needs overhauling, and records need to be kept up to date. Implementing such a global and binding system will not be trivial, and it would be a prime DDoS target for every criminal on the planet enjoying the current free-for-all. At least it would dilute their resources to attack elsewhere.

    If we can start to wrestle the zombies out of their hands then they will have less ammunition to abuse in the future and be easier to track and manage.

    The whole situation now is just such a massive problem that no ISP has the resources to keep their networks clean because they are just trying to survive on minimum profit margins through misguided competition on price and bandwidth while not emphasizing security and user welfare.

    So, if they need a hand in setting this up, I'm in...
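
An added illustration, not part of the original comment and not the commenter's own system: a sketch of the kind of detect-and-notify pipeline comment 7 describes, run over constructed sshd log lines. The abuse-contact table, the threshold and all addresses are assumptions; messages are built but never sent.

```python
import ipaddress
import re
from collections import defaultdict
from email.message import EmailMessage

# Constructed sample sshd log lines (documentation address ranges, not real hosts).
SAMPLE_LOG = """\
Mar  3 02:14:01 gw sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 02:14:03 gw sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40113 ssh2
Mar  3 02:14:05 gw sshd[812]: Failed password for invalid user test from 203.0.113.7 port 40114 ssh2
Mar  3 02:15:40 gw sshd[820]: Failed password for alice from 198.51.100.23 port 51000 ssh2
Mar  3 02:15:52 gw sshd[820]: Accepted password for alice from 198.51.100.23 port 51000 ssh2
Mar  3 02:16:10 gw sshd[830]: Failed password for root from 192.0.2.99 port 33001 ssh2
Mar  3 02:16:11 gw sshd[830]: Failed password for root from 192.0.2.99 port 33002 ssh2
Mar  3 02:16:12 gw sshd[830]: Failed password for root from 192.0.2.99 port 33003 ssh2
"""

# Hypothetical abuse-contact table; a real system would look these up (WHOIS/RDAP).
ABUSE_CONTACTS = {ipaddress.ip_network("203.0.113.0/24"): "abuse@isp-a.example"}

FAILED = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")

def offenders(log_text, threshold=3):
    """Return {ip: [matching log lines]} for sources with >= threshold failures."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            hits[m.group(2)].append(line)
    return {ip: lines for ip, lines in hits.items() if len(lines) >= threshold}

def abuse_contact(ip):
    """Map an address to its network's abuse mailbox, or None if unknown."""
    addr = ipaddress.ip_address(ip)
    return next((c for net, c in ABUSE_CONTACTS.items() if addr in net), None)

def build_notifications(log_text, threshold=3):
    """Build (not send) one message per offending source with a known contact."""
    msgs, undeliverable = [], []
    for ip, lines in sorted(offenders(log_text, threshold).items()):
        to = abuse_contact(ip)
        if to is None:
            undeliverable.append(ip)  # the "bad abuse address" case: keep for review
            continue
        msg = EmailMessage()
        msg["To"], msg["Subject"] = to, f"SSH brute-force attempts from {ip}"
        msg.set_content(f"{len(lines)} failed SSH logins from {ip}. Log excerpt:\n" + "\n".join(lines))
        msgs.append(msg)
    return msgs, undeliverable
```

The single failed login followed by a success (a user mistyping a password) stays under the threshold, and sources with no known abuse mailbox are returned separately rather than silently dropped.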
