InformationWeek – Internet > ISPs under pressure to crack down on bots and spam

Welcome Guest | |

Home
Global CIO 2010
Case Studies
Special Features
Interviews
Top News
Section
Vertical
- BFSI
- IT/ITES
- Government
- FMCG
- Telecom
- Manufacturing
- Pharma
- Services
Special Property
Editor Zone
Analytics & Reports
International News

| | | | | | | | | | |

Internet

ISPs under pressure to crack down on bots and spam
Costs of outbound spam and pressures from new laws and regulations are driving ISPs to clean up their own networks By Robert Lemos, DarkReading, June 15, 2010

For Internet service providers, e-crime is not cheap.

The problem of customers' compromised computers sending spam can dramatically impact an ISP's bottom line, according to a survey by Osterman Research released today: Nearly 40 percent of ISPs had their IP addresses blacklisted by the Real Time Blackhole Lists (RBLs) in the past year. A blacklisted mail server could lead to dropped e-mail -- and an increase in support calls to the ISP.

The outbound spam issue highlighted by the report is one example of the business issues that compromised computers pose for ISPs. One in six providers spends more than USD 100,000 attempting to prevent outbound spam from impacting their business, according to the report, which was funded by e-mail security service CommTouch.

"I haven't found a service provider that does not have at least a couple of people tasked with dealing with outbound spam," says Asaf Greiner, vice president of product for CommTouch. "If you don't deal with outbound spam, you run the risk of having your IPs blocked."

Nearly half of respondents said outbound spam adds to their costs of doing business, wastes time for the IT departments, damages their reputations, and affects their customers' service levels.

The outbound spam problem is just one way Internet service providers are being driven by regulatory and market forces to pay more attention to the security of their customers' networks. Some Internet service providers have already embarked on initiatives to clean the traffic flowing through their systems. ISPs in Australia, for instance, have signed an agreement to notify consumers if a PC is compromised by malicious software. Those ISPs could curtail the compromised computer's bandwidth to slow the spread of harmful code.

In the Netherlands, more than a dozen ISPs have agreed to exchange information about security issues, notify users if their system is compromised, and block traffic from infected systems, essentially quarantining users.

"I am a firm believer in the role of ISPs helping to protect customers against security threats," said Jose Nazario, senior researcher at network security firm Arbor Networks, in a recent interview. "It needs to go beyond the practices that we have seen in the past, beyond blocking traffic and protecting the network, to protecting customers themselves. If they are spamming the network, they are going to get their traffic dropped. That is a significant business impact."

ISPs' security measures, however, have to strike a delicate balance: Block too many compromised users and the support calls could beggar the business, but block too few and the ISP runs the risk of government intervention or being added to the blacklists. A single customer call can cost an ISP as much as the profit from the customer over two years, says Nazario.

Yet if large ISPs tackle the issue of compromised computers in their networks, the problem of spam is solvable, according to a paper presented this week at the Workshop on the Economics of Information Security.

blog comments powered by Disqus