Forums » Talking Botnets

Comments on news posted 2006-06-30 13:01:16: We recently discussed why some ISPs have a difficult time quickly booting infected phish-website hosting or spam spewing bots from their networks. ..



manfmmd
Premium
join:2003-01-14
Earth
clubs:

My thoughts

the learning curve required for many executive managers to understand this threat and what it is doing to their network
That said, I do not blame the customer service centres, as they merely respond to the requests of the executive management.
Policies and procedures should have been in place long ago for shutting off connections and notifying customers when their systems have been compromised. This isn't 1991.
--
huh? | AIM | Utopia does not exist.


TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast

 It is all about money; abuse depts don't bring in revenue

The real problem is understaffed security/abuse departments at the big ISPs. And as long as the bean counters and not technicians call the shots, that is the way it will stay. The only thing that will get the accountants to change would be if customers started jumping ship over the issue due to slow systems caused by rampant botnets.
--
--
Join Red Room Forum
BLOG tkjunkmail.blogspot.com
My Web Page


tsu9

join:2001-08-17
Wheeling, IL
Somewhat ironic in that the bots more than likely cost more money [to maintain on-network] than to clear the infected computers.


TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
·Sprint Mobile Broa..
·Comcast

said by tsu9:

Somewhat ironic in that the bots more than likely cost more money [to maintain on-network] than to clear the infected computers.
You are right. But during the yearly budget process, if the Net Security dept cannot DOCUMENT the revenues that are lost through the problem, then they don't get the budget money. It takes a very savvy and financially aware Security Dept Director to learn how to document what is happening. Unfortunately, my experience is that they are usually sharp technically, but are not often very good at financials and corporate politics.
--
--
Join Red Room Forum
BLOG tkjunkmail.blogspot.com
My Web Page

Shark_615

join:2006-01-17
Pickering, ON
reply to manfmmd
Re: My thoughts

So says an obviously well informed, highly educated security expert, with a top level security position from bbr with a dancing... chicken?

jbjetta
Premium
join:2004-07-23
Laurel, MD

Botnets, the spam of 1999

This is nothing new to ISPs. I remember in 1999 when the RBLs started to trample on the larger companies, out of nowhere one of our CS guys was turned into Abuse. 1 person trying to handle thousands of open relay and other spam complaints. It took nearly a year to get a second position in place to handle that. Eventually it ended up on the wayside till issues arose again.

Layer 8 only sees the dollars involved to run abuse departments; they really don't understand anything else about it. I no longer work for an ISP, as I moved on to bigger, more frustrating networks to run, where the 8th layer is so bloated most management would cry. But it's no different today when you forward proof of a HUGE botnet to some of the broadband providers to never hear from them again. Some actually take action and contact back, and that's usually when I am most surprised.

For those still trying that battle, good luck. I hope at some point some of the ideas mentioned today might actually become common practice.


calvoiper

join:2003-03-31
Belvedere Tiburon, CA

1 edit
Ooops!

(deleting mis-posted comment)


catseyenu
Ack Pfft
Premium
join:2001-11-17
Fix East

reply to TKJunkMail
Re: It is all about money; abuse depts don't bring in revenue

I hear a lot of talk about the "cost of caring" in regard to securing networks.
Management weighs out the risk of loss vs the cost, often with any "cost" being passed on to the customer in one way or another. Pragmatically a reasonable decision... until the availability of consumer choice comes into play.
Having to choose between the wild west posture of an ISP where the spam relays play and bots rule the day and another where "god" will terminate you on sight for peeing in the pool, I think most users would make the decision to drink from the cleaner fountain... if they have that choice.
Enter consumer awareness and government pressure.
Any U.S. ISP's management that hasn't seen the writing on the wall might want to get their resume updated or retirement options sorted. The axe is about to fall and the scramble for scapegoats is about to begin. A good security engineer is worth their weight in gold and will be both management's and the customer's best friend in the near future.
That said, there are those who have accomplished securing the "pool" and kept costs down. The ISP with the foresight to do this will probably inherit the customer base of providers who historically made things better for the user but have missed the boat on current threats and technology.


manfmmd
Premium
join:2003-01-14
Earth
clubs:

reply to Shark_615
Re: My thoughts

said by Shark_615:

So says an obviously well informed, highly educated security expert, with a top level security position from bbr with a dancing... chicken?
There are basic AUP and TOS that the users agree to while using the service and behind those should be policies and procedures to deal with anything from billing, support, abuse, etc.

For instance a technician handling an abuse ticket should be able to take action immediately after investigating the situation to isolate the problem. There should be no meetings about it (unless it is a new risk/problem), there should be immediate and decisive action.
--
huh? | AIM | Utopia does not exist.