Monday, July 31, 2006

ISPs Accused of Ignoring Botnet Invasion

Munir Kotadia writes on ZDNet Australia:

Internet Service Providers are in the perfect position to kill vast armies of compromised computers -- or bots -- that are being used by cyber-criminals to launch the majority of spam and phishing attacks, according to security specialists at the AusCERT 2006 conference.

Botnets are vast groups of Windows-based PCs that have been infected with a Trojan or virus that allows the computer to be illicitly controlled from a remote location. Bot armies comprising between 10,000 and 100,000 bots are openly advertised for hire on newsgroups located in the darker corners of the Internet.

The majority of these bots are home computers that are connected to the Internet over a broadband link such as ADSL or cable, which means all the malicious traffic initially passes through the network of each individual bot's ISP.

Mark Sunner, CTO of MessageLabs, said that ISPs have been hiding from this problem and have a "duty of care" to protect their customers in a similar way to the water utilities.

