Correct me if i'm wrong but ...
So, citing an example, lets say something like a DDOS attack using a botnet is the problem ...
Lets say I'm a hacker and have at my fingertips access to said botnet.
I give said botnet a command.
All bots in my net follow that command.
No 1 single ISP can solve the problem as my bots can be anywhere on the internet and the net is something I created, and you (as the "victim" of my attack) are the only one that really sees the full scope of what actually went on.
Am I missing something here or is putting pressure on ISP's to solve the unsolvable just forcing our own bills up as consumers with no actual results (given that the problem is not a solvable one)?
So how would this work?
Your ISP reports all the various machines involved in my attack to "something" that holds a blacklist type thing?
Over time MY ISP remains in complete good standing, all the ISP's that host my many bots are affected by this "ranking system ?!?!?!".
The reality is the source of the attack was my home machine, but from your point of view the source of the attack was the many machines that took part.
From the point of the many ISP's involved in attacking you it's normal reasonable traffic.
So who points the finger at me (the real cause!)?
It seems to me that all cyber security related efforts are working on the effects not the cause, but tracking the cause is an extensive and complex task that would require a large data center and packet tracing information from the complete set of ISP's involved in this attack + some insane AI that could trawl this data.
Or did I miss something?