ISPs have been asked to identify possible zombie computers as part of a joint anti-spam initiative.
Currently, malicious users can call upon enormous reserves of processing power in order to send out spam email, launch denial of service attacks, and so on. This stolen resource is acquired by infecting inadequately secured computers and networks that connect to the Internet as a whole, resulting in the colorfully named ‘zombie armadas’ – machines that can be remotely commanded to perform tasks at little or no risk to the perpetrator, and, equally important, at an absolute minimum of cost.
With this problem in mind, the UK’s Office of Fair Trading is partaking in a joint initiative to combat the generation of spam using zombies. In line with this, ISPs are being invited to identify and isolate computers sending out abnormally large volumes of email, and to more closely support customers in cracking down on malware.
On the face of things this is a praiseworthy move, but sadly one that lacks any teeth. ISPs have been invited to participate, but are under no obligation to cooperate – and even if they were obliged, many of the smaller players cannot afford to deliver this level of service in any case.
Although ISPs will in time play a crucial role in solving the overall problem, this is not the best way of achieving it. No business should be subjected to legislative coercion that would drive it into bankruptcy, although this could be exactly the case if legislators take too narrow a focus on the role of the ISPs themselves – this is a risk that the industry must carefully manage in the years ahead.
Regardless of the outcome in the West, until countries such as China, and regions such as eastern Europe, take effective action against the huge amount of open spam relays within their borders, the rest of the world will struggle to make serious headway against the generation of spam – but we must persevere.
Source: OpinionWire by Butler Group (www.butlergroup.com)
