[91603] in North American Network Operators' Group
Re: mitigating botnet C&Cs has become useless
daemon@ATHENA.MIT.EDU (Rick Wesson)
Tue Aug 8 18:10:09 2006
Date: Tue, 08 Aug 2006 15:10:50 -0700
From: Rick Wesson <wessorh@ar.com>
To: Mikael Abrahamsson <swmike@swm.pp.se>
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.62.0608082159560.7520@uplift.swm.pp.se>
Errors-To: owner-nanog@merit.edu
Mikael Abrahamsson wrote:
>
> On Tue, 8 Aug 2006, Simon Waters wrote:
>
>> However most big residential ISPs must be getting to the point where
>> 10% bandwidth saving would justify buying in third party solutions for
>> containing malware sources. I assume residential ISPs must be worse than
[snip]
> It might not be the right thing, but the economics for the residential
> ISP it costs a lot to try to be proactive about these things, especially
> since botnets can send just a little traffic per host and it's hard to
> even detect.
>
Last sunday at DEFCON I explained how one consumer ISP cost American
business $29M per month because of the existence of key-logging botnets.
you want to talk economics? Its not complicated to show that mitigating
key-logging bots could save American business 2B or 4% of =losses to
identity theft -- using FTC loss estimates from 2003
just because an ISP looses some money over transit costs does not equate
to the loss american business+consumers are loosing to fraud.
sorry, DEFCON slides aren't up anywhere yet. drop me a note if you'd
like a copy.
-rick
