Why Should ISPs Fix the Zombie Problem?

Zombies (or bots) are PCs that have become infected with malware that allows malicious remote control of the PC. They are usually herded into botnets and sold to spammers or phishers for the purpose of quickly sending unwanted email. It's a big problem, but ISPs are in a unique position to fix the problem and should be motivated to do their part. Here's why:

An ISP can detect when one of its customer's PCs starts sending spam, either by outbound content control or by spotting an unusual spike in volume. The ISP may even be able to detect the earlier signs of infection, such as connection to an IRC channel used to control the bots.

ISPs should be proactive in quickly fixing such problems. If they don't, their reputations and the reputations of their customers may be damaged. The spam control industry is quickly waking up to the fact that reputation is a good way to filter incoming SMTP connections, without the expense of content scanning. As this view becomes more prevalent, ISP customers won't want to be associated with an ISP that takes a cavalier attitude toward its reputation and that of its customers.

Today's edition of the premium newsletter contains a follow-up bulletin, with ideas on how ISPs can fix the zombie problem.

... Richi Jennings, with thanks to Cloudmark's Jamie DeGuerre

Post a comment

You must be logged in to post a comment. To comment, first join our community.