Technology news and Jobs 
Analsys & Opinion The Right Angle Taking the OECD's anti-spam solution one step further
Analsys & Opinion The Right Angle Taking the OECD's anti-spam solution one step further | Taking the OECD's anti-spam solution one step further |
|
| by Stuart Corner | |
| Monday, 24 April 2006 | |
|
When it released its anti-spam toolkit last week the OECD listed as one of its recommendations the inclusion of lessons on spam and Internet security in school computing courses and in courses offered to 'senior citizens'. Perhaps such instruction should be widened, and made mandatory. And with good reason: an unprotected PC connected to the Internet is a danger not only to its owner but to the global Internet community. About 18 months ago computer security company, Symantec estimated that, on any day, anywhere between 30,000 and 70,000 computers - mostly owned by ignorant consumers who fail to keep their antivirus software up to date - are under the control of gangs of organised cyber criminals and used to launch spam campaigns, phishing scams or denial-of-service attacks. Another study of consumer PCs conducted by the National Cyber Security Alliance in the US and by AOL, found that 19 percent of the PCs scanned for the study had some sort of virus, while a troubling 80 percent had some sort of spyware or adware installed. This survey found that 85 percent of users had some sort of antivirus software, but only 33 per cent of users had updated it in the past week. Attempts to counter such large scale abuse of vulnerable, net-connected PCs and to catch the crims responsible are confounded by the technology. According to the study, "a PC...might be used as a fake website for only 10 minutes, before another ... usually in a different country, pops up and takes over, making it hard for police to track down the source of the attack." According to Symantec, A PC fresh-connected to the Internet will experience some form of attack within 16 minutes. One PC in the National Cyber Security Alliance/AOL study was infected with over 200 viruses. You can't blame the users entirely. Some PC retailers knowingly sell systems with outdated virus software and, more importantly, Windows operating systems without the latest security patches. Something clearly has to be done. And there seem to three possible avenues: making the technology foolproof, imposing regulation on the supply side and/or on the user. Clearly none of these would solve the problem entirely, but could certainly greatly reduce the number of PCs available for illicit use by those with nefarious aims. Many regimes have already legislated to ban spam. It seems not unreasonable to envisage this legislation being extended to require computer owners to take 'reasonable precautions' against infection and illicit use of their machines to distribute spam. If so the threat of prosecution should the source of illicit activity be traced to their machine might be sufficient incentive to ensure a reasonable level of compliance. But most civilised countries impose restrictions on individuals that aim to limit their ability to cause harm to their fellow citizens: you can't buy a gun without a licence, nor can you drive a car. Spam isn't life-threatening (not yet anyway) but it's certainly damaging. So why shouldn't users be required to display a level of competency in securing their PCs before they're allowed to connect to the Internet?
Get stories like this delivered daily - FREE - subscribe now
|
Tags
| < Next story in category | Previous story in the category > |
|---|
