Government must force ISPs to take security seriously

Service providers are facing increasing pressure to take a more proactive stance when it comes to protecting customers from malware
Written by Andrew Donoghue, Contributor

In a recent interview, the CTO of Messagelabs Mark Sunner claimed the current attitude of ISPs to malware is akin to a water company pumping raw sewage to customers and expecting them to clean it up..

"Advanced scanning needs to be shifted upstream to the Internet level, where it is possible to be proactive as opposed to reactive. Governments really need to put additional pressure on the ISPs to take ownership of the problem, and to filter the connections that they are providing to businesses and to home users," he said.

At the time this analogy seemed a bit overblown but it is an attitude that seems to be gaining ground. Richard Clarke, ex-US cybersecurity Czar, intimated a similar line when he claimed service providers should be taking more responsibility when it comes to the rise in the number of distributed denial of service (DDOS) attacks – which cripple web sites by flooding them with requests from multiple sources.

Similar comments have also been made by the chief technology officer of betting exchange Betfair
while research company Mori released a survey this week claiming that that 58 percent of 1,006 consumer respondents said ISPs needed to work harder to protect their customers.

The response from ISPs has been unusually frank and abrupt in these days of PR-polished corporate communications. The UK's two leading telcos -- BT and Cable & Wireless -- responded to calls for them to do more about security and specifically DDoS attacks by claiming those kinds of 'extra' services don't come for free.

Government intervention is needed for anything to change it seems. Pressure could well come in the shape of the communications watchdog Ofcom if the organisation's remit eventually embraces Internet regulation.

Web users demand more protection from ISPs
Survey: Most users want their ISPs to give them better protection from malicious attacks and are even willing to pay more for it

WIth ISPs like this, who needs enemies?
Service providers aren't providing much of a service when it comes to protecting customers from DDOS attacks

ISPs raise the stakes on DDoS attacks
ISPs claim they can do more to protect their customers from DDoS attacks - but only at a price

Betfair: Taking no chances with technology
Supporting some 300 transactions a second, 24/7, UK betting exchange Betfair is up there with the most advanced e-commerce businesses in the world, says the company's CTO David Yu

Straight talking on terrorism
Counter-terrorism advisor to four US presidents Richard Clarke talks to ZDNet UK about cybersecurity, and its importance

'Clean up this Internet effluent now'
Messagelabs CTO Mark Sunner claims that ISPs allowing unfiltered traffic to flow to customers is like a water authority pumping out raw sewage


Editorial standards