back to article Hackers ahead of the game despite McColo shutdown

The recent takedown of a notorious botnet-friendly web-host was a major victory for the good guys but the cybercrime outlook remains grim, according to a flurry of annual reports from security vendors published on Tuesday. The reports collectively show that the internet remains a cesspool of malware and that crooks continue to …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    I have my coffee...

    Now I shall sit back and watch the three way battle for domination knowing that at the end there can only be one.

    Smugtards (I'm a PC!) vs Windoze (I'm a PC!) vs Crapple (I'm a PC!)... LET'S GET READY TO RUMBLE!!!!

  2. Anonymous Coward
    Flame

    Why is it so hard?

    ISPs should get a block list of IPs from certified sources (not Joe Public) to kick off their network.

    If they do not comply (say within 48 hours), then the ISP should get blocked.

    This will be tough for the first few months while they get their act together and begin to kick off the infected machines. You can bet that the low-rent ISPs will be hit hardest.

    When the owner of an drone PC phones up to complain that they can no longer waste their lives in "2nd Life" or whatever, they can be told exactly why and exactly what they need to do about it to be allowed on-line again.

    This is not difficult (neither is eradicating SPAM), all it takes is the will to implement it. ISPs simply do not have the will; there's too much money in it for them.

  3. Anonymous Coward
    Anonymous Coward

    7 million is enough

    to get the ball rolling. Crackers do it on a shoe string, you can hire 40 good people, deck them out with some decent hardware for 7 million.

    Then let them prove themselves, it is going to be in the hire they will have to have the best, if they hire 40 numpties who cannot write a rootkit between them I think there will be a problem, but they cannot be that daft. If it says MS Windows or Mac as the main OS on the CV, just don't hire. If their only or main programming experience is Java, again don't hire. It is pretty simple to sort the wheat from the chaff.

  4. Anonymous Coward
    Thumb Down

    Not much difference

    Checked one of our filters today, 1.2M spams last month compared to an average of 1.6M per month over the last 6 months. So if your drowning in 16 feet of water, it makes no odds if someone lets 4ft out of the pool, you're still drowning!

    spud@myezdial.com

  5. blackworx

    Figures

    "A survey by Trend Micro revealed that only five per cent of malware infections resulted from the exploit of a software vulnerability"

    Well no, given that for it to be significantly greater would imply there is a population of even semi-skilled coders, as opposed to an army of knuckleheaded goons and skiddies, writing the vast majority of nastyware.

  6. Franklin
    Thumb Down

    Basic financial incentive

    What's the incentive for ISPs to secure their servers? None. Security doesn't sell to the overwhelming majority of folks who want to put up a Web site; the only three things they care about are price, price, and price. An ISP can be pwn3d sixteen ways from Sunday, with thousands of sites hosted on their servers penetrated daily, and they'll still make money.

    What's the financial incentive for ISPs to disconnect compromised, malicious, or spammy customers? Again, none. They lose revenue, but what do they have to show for it, besides kudos from a handful of folks who care about security?

    What's the financial incentive for ISPs to educate their customers about security? None. It's costly and it doesn't make a lick of difference to the bottom line.

    I've written emails to ISPs that host compromised servers and have hundreds, or even thousands, or in two cases tens of thousands, of virus and malware droppers living on their networks, and received replies like "I see the problem and issues involved, I have to say what they are hosting is not right, but the best we could do is try to communicate with the client and urged him to stop or issue a 30 days termination notice per our terms of service if it is not resolved to our satisfaction. Please understand we have our difficulties as well from a service provider point of view and thank you for the understanding." (That's a direct quote, mind.) That is, when I receive a reply at all.

    Until a direct, tangible incentive exists for ISPs to take responsibility for their networks, or a direct, tangible disincentive exists for ISPs to tolerate this kind of situation, or both, the situation will remain exactly as it is.

  7. yeah, right.

    breakdown?

    Anyone have a breakdown of the operating systems that are involved in botnets, etc? As in, how many of each type, OS versions, and so on? I've looked, but I find a complete dearth of "by O/S" breakdown of botnet systems.

  8. Steve
    Paris Hilton

    @ac - "...a block list of IPs"

    A block list of IPs just doesn't work.

    I had trouble a while back when a number of websites I deal with all disappeared from Virgin. After some discussion with Virgin's techs, it was determined that these sites were on their blocklist (a copy of which was sent to me for analysis). Because these sites were hosted by a server that handles many websites (the most common way small websites are hosted), they were on the same IP as a single dodgy site. Further discussion revealed that normally such all catching blocks aren't employed because, as in this case, it may remove a single dodgy site but in the process takes out thousands of legitimate websites.

    Took Virgin 4 days to remove that block, along with the others wrongly applied by their PFY.

    They weren't sure about unblocking at first, but the idea of a court case caused by thousands of sites losing business from a potential 50% of the UK's internet users may have been a contributing factor to removing the blocks.

    Paris, because she doesn't want things blocked willy nilly either!

  9. E-Victims.org

    Poltical will

    The main problem is their is no political will to address e-crime or other online incidents. Remember this government has you reporting your credit card fraud to credit card companies, bank fraud to you bank and Ebay fraud to ebay.

    There are enforcement agencies that will not take reports from victims either because they do not acknowledge it is their remit or they don't have the training and resources. We find other agencies that simple provide wrong information to victims because they are not up to date on current legislation.

    Unfortunately, I do not believe this government is willing to discuss online issues seriously so I have no confidence that some of these basic issues will be addressed - let alone the more difficult ones.

This topic is closed for new posts.

Other stories you might like