Will your ISP quarantine you if you are infected?
Posted by: Timothy Weaver on 06/04/2014 10:29 AM [ Comments ]
In light of the recent take down of the Gameover Zeus botnet, some security advisors are suggesting that ISP's not only notify their customers if they are infected, but also quarantine them from the internet until they are clean.
The U.K.’s National Crime Agency said: “Individuals in the U.K. may receive notifications from their Internet Service Providers that they are a victim of this malware and are advised to back up all important information—such as files, photography and videos."
Rik Ferguson, global vice president of security research at Trend Micro, went a step further when he said that ISP's should take even a bigger role in the fight against botnets as “desperate times call for desperate measures.”
“ISPs on an on-going basis should take advantage of the threat intelligence feeds of the security industry to identify compromised systems connected to their networks,” Ferguson said. “Those systems should be moved to quarantine, the account owners should be contacted and directed to resources which will enable them to clean up and rectify the situation. Until such time as the infection is remediated the computer should be able to access only limited Internet resources. Don’t care will be made to care.”
Implementing this might be a problem for some ISP's due to privacy or local legal frameworks.
Rik Ferguson, global vice president of security research at Trend Micro, went a step further when he said that ISP's should take even a bigger role in the fight against botnets as “desperate times call for desperate measures.”
“ISPs on an on-going basis should take advantage of the threat intelligence feeds of the security industry to identify compromised systems connected to their networks,” Ferguson said. “Those systems should be moved to quarantine, the account owners should be contacted and directed to resources which will enable them to clean up and rectify the situation. Until such time as the infection is remediated the computer should be able to access only limited Internet resources. Don’t care will be made to care.”
Implementing this might be a problem for some ISP's due to privacy or local legal frameworks.
Comments