ISP forced to take action on viruses
Published: 18 Mar 2004 14:55 GMT
High-speed Internet service providers are increasingly putting their customers in the security hot seat, as they try to fight recent virus attacks that turn computers into spam factories.
Broadband companies have said they routinely monitor customer accounts for signs of abuse and take action when it's appropriate. Although such policies have been in place for years, they're now being invoked more than ever, due to the spread of viruses that allow spammers to spew out millions of junk email messages under victims' noses.
The virulence of these virus attacks has sparked a fierce debate over countermeasures, security experts said. The problem has become so bad that broadband companies are considering whether it's time to substantially beef up policing on their networks -- something they've avoided in the past because of the cost and potential privacy concerns involved.
"Nowadays, a person sending spam is Granny, and she has no idea she's doing it," said Joe Stewart, a senior security researcher at Lurhq, a corporate security company. "[ISPs] can pull the plug, but it's hard and time-consuming to spend time on each user on tech support."
High-profile viruses such as Sobig, MyDoom and Bagle have preyed on available bandwidth, lax security and ignorance among ISPs and consumers alike to turn unknowing Net users into bulk emailers. The problem has prompted broadband ISPs, such as cable and Baby Bell phone companies, to step up network scanning and enforcement of security policies. These policies include the use of account suspensions to prod customers into using better security practices.
The debate touches on far-reaching questions about the direction of Internet security policy and about the roles of ISPs and individuals in maintaining safe networks. Should the primary responsibility for security fall to broadband ISPs or subscribers?
A sweeping report on Internet security the White House issued in September 2002 concluded that the best antidote for security lapses is to better educate and motivate people into adopting better security practices, such as installing firewalls and keeping antivirus software up-to-date.
Previous
Did you find this article useful?
259 out of 522 people found this useful
- Share this article:
Full Talkback thread
4 comments
