We`re at War with Botnets - Culprits for Spreading Botnets
(Page 3 of 4 )
ISPs, web service providers, and domain registrars are largely responsible for spreading botnets across the networks and the Internet. For example, McColo, a company that is no longer in business, was hosting the Szribi botnet. Brian Krebs of the Washington Post requested that McColo's upstream providers, Global Crossing and Hurricane Electric, stop routing its Internet traffic.
The upstream providers complied, and it showed just how much spam that botnet had been pumping out. Immediately, spam declined by approximately 75 percent. Unfortunately, the creators of the Srizbi botnet had an algorithm in the code that produced unique domain names, which enabled the botnet to return back online.
Not to let ISPs off the hook, but some are caught between a rock and hard place. ISPs must consider privacy issues and regulations. These vary depending upon the country.
Another reason ISPs have trouble with botnets is money (surprise surprise!). According to Alex Lanstein, a security researcher at FireEye, an anti-botnet company, botnet herders write software code so they can make money. ISPs profit from them as well by hosting these harmful websites.
Lanstein also mentioned that data centers don't actively monitor the traffic. Even as some providers finally find out about these rogue businesses, bot herders will threaten to take their business elsewhere by looking for providers in other countries who have lax policies. However, ISPs have to take botnets seriously, because they can impact bandwidth consumption and cause an increase in customer complaints.
Next: Fighting Back >>
More Web Hosting Security Articles
More By Joe Eitel
/ 3 
