In a panel session at IT conference Infosecurity Europe 2005, Richard Cox said ISPs were ignorant about who their customers were and what problems they faced. "The majority of (networks) do not know who their customers are," said Cox. "If you have a problem, you will not get a response. They will not firewall your network, but they do firewall the customer support center so you cannot get through."
Cox highlighted botnets--thousands of networked compromised PCs, typically used for malicious purposes such as spamming--as a problem for the Internet community. He said ISPs should exclude botnet computers from using their service. "It is the network's responsibility to take [botnet] computers off the network."
Cox said that Windows XP Service Pack 2 had helped to reduce the number of botnets around the world. "SP2 has removed a number of vulnerabilities in XP," said Cox. "But whatever we put right in SP2, [hackers] will find a way around it."
But the Computer Crime Unit of London's Metropolitan police disagreed with Cox.
"The botnet issue is a rising problem despite the issue of SP2," said Detective Inspector Chris Simpson. "It is also the script kiddies [doing this]. We might joke about the impact of these people, but a 15- or 16-year-old with a 30,000-strong botnet might be able to wipe someone off the Internet, so they really do pose a threat to anyone with Internet presence."
Dan Ilett of ZDNet UK reported from London.
