[ISN] ISPs 'must do more' to combat cybercrime

From: InfoSec News (isn@private)
Date: Sun Nov 28 2004 - 23:00:05 PST


http://news.zdnet.co.uk/internet/0,39020369,39175286,00.htm

Andrew Donoghue
ZDNet UK
November 26, 2004

The chief technology officer of online gaming portal Betfair has
called on more government and industry cooperation to combat the
growing threat of distributed denial of service (DDoS) attacks to
online businesses.

In an exclusive interview with ZDNet UK, David Yu said that DDOS
attacks may have only really affected a handful of businesses so far
but any company that relies on the web to transact with customers or
partners should be aware of the problem.

"I think in general, there is a lot more that the e-commerce industry
as a whole needs to be aware of. Security threats are not a gaming
related problem, they could easily affect any other e-commerce
company, online travel, online books, they could affect healthcare and
government," he said. "I think there have been some sectors who have
said its not our problem; its not for us to worry about – well I would
tell them that it is going to be their problem if they don't pay
attention."

Betfair, along with several other UK betting sites, has been targeted
by Web-based criminals -- and has been a victim of DDoS attacks on
three separate occasions. The attacks work by flooding servers with
traffic often generated by hijacking private PCs -- so called botnets.

In July the company admitted that its main exchange site was affected
for just over an hour due to a DDoS attack. The attack prevented users
from accessing the site with some customers claiming they been unable
to view or place bets and some claiming to have lost money.

Yu, recently voted Daily Telegraph IT Director of the Year 2004 and
runner up in the CNET UK Technology Awards, explained that during a
period of sustained DDoS attacks earlier this year, various gaming
organisations banded together to exchange information on how best to
tackle the problem.

"What we saw is that the gaming industry as a whole has been under
threat but worked pretty well at the time to combat the problem
together. What we started to do was have industry-wide forums where
the heads of infrastructure from all these other companies got
together," he said.

"It worked very well, it was nice to see that the industry, although
we compete against each other as hard as we can, here was a common
threat which we came together to combat and shared information," he
added.

Yu claimed that although its own service provider Cable & Wireless had
been very effective, there is a lot more that ISPs could be prevent
DDoS attacks and help security agencies track down the culprits.

"I think there is more that network providers and ISPs can do. A lot
of these attacks stem from individual [broadband-connected] PCs being
compromised and then using that broadband access to flood these sites.  
We think that ISPs could do a lot if they took more responsibility. We
do see a mix -- we see some network providers who work very actively
to try and cleanse their system and provide high-quality bandwidth and
the others who don't."

Yu's comments echo earlier remarks from ex-US cybersecurity chief
Richard Clarke earlier this month. "I think we are going to see
companies asking their ISPS to do more. A lot of denial-of-service
attacks could be prevented if ISPs co-operated with each other."



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Mon Nov 29 2004 - 02:36:23 PST