ISPs Putting Email Users in Botnet Peril

Cloudmark says service providers' existing spam, AV filters miss more sophisticated malware attacks

Dark Reading Staff, Dark Reading

September 4, 2008

1 Min Read

Internet service providers must reassess their messaging security defenses to catch phishing and spam messages that elude traditional antivirus and spam filters, according to a messaging security provider to major ISPs.

With most email-based attacks today using malicious URLs to infect recipients rather than old-school file attachments, ISPs that aren’t updating filtering techniques to catch these threats are inadvertently enabling botnet infections as well as spam proliferation, according to Jamie de Guerre, chief technology officer for Cloudmark, which provides real-time spam, malware, and phishing protection for network providers.

“Operators who fail to take the same holistic approach to their IT security and filtering processes that spammers, hackers, and malware writers are taking to their attacks are doing a significant disservice to their customers,” de Guerre says.

Botnets are responsible for 70 percent to 80 percent of all spam, and the botnet population has quadrupled over the last three months, according to new data from the Shadowserver Foundation. ISPs have for some time been under pressure to take a more proactive stance against bot herders.

“If you want to protect your end users, you need to filter out the mail that points to malware as well” as malware-infected attachments, says Adam O’Donnell, director of emerging technologies for Cloudmark.

But there’s no real cure for bot infections. “It’s like a chronic disease,” O’Donnell says. “They [ISPs] can minimize the rate of new infections until people throw out their computers and buy new ones.”

O’Donnell says ISPs are working hard on prevention and are testing remediation technologies as well. “Only time will tell if they work or not,” he says.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights