Tekblog

Comcast

Comcast Corp, a U.S. high-speed Internet service provider recently released a ‘pop-up, in-browser automated alert service’ known as “Constant Guard.“   The trial system (currently available in Denver, Colorado) warns customers of potential virus infection, if their computer behaves as though it has been compromised by malware.  Aside from the automated alert, the customer will also receive email verification of the alert at their primary Comcast email account.

The alerts are triggered “when we see computers on our network that are doing things that are known bot activities–say, a computer is spewing out thousands of spam e-mails,” said Jay Opperman, senior director of security and privacy at Comcast. — cnet news

“As the nation’s largest residential Internet service provider, our goal is to provide a safe and secure Internet experience for our customers,” said Mitch Bowling, senior vice president and general manager of online services at Comcast. “The Constant Guard Security Program is the result of many years of working to assemble the right people, technologies and resources to help ensure our customers are protected from hackers and bots in real time.” –PR-Inside.com

Comcast customers currently have free access to McAfee Internet security software.  Overall, Comcast Corp is a major ISP leader and shining example of how an Internet Service Provider (ISP) can be supportive of Internet security initiatives, embrace social responsibility at the gateway, and stay proactive in the continuous fight against cybercrime.

Comcast has been ranked as one of the TOP 5 ISPs in Shadowserver.orgs Hall Of Fame “for going the extra mile in helping us rid the world of malware.”

ISPs in General

During a keynote presentation at the Virus Bulletin conference 2009, Head of Google’s anti-malvertising team,  Eric Davis, wanted ISPs to become more proactive in their approach in dealing with malware-infested computers on their networks.

“The ISPs are in the best position to detected [SIC] infected machines. They’re in the best place to do something about malware.  They already have monitoring systems that could be used to identify signs of malware and botnet activity…However, because ISPs have no monetary incentive to notify and help disinfect machines, the botnets live and thrive within ISP networks.”

Eric also recommended ISPs use the Australia Internet Security Initiative (AISI) as a model to fight malware.  The AISI group mandates minimum customer security levels and isolate infected machines into “walled gardens” until the malicious software is removed. Clap, clap, bravo Eric!

Finjan’s Malicious Code Research Center (MCRC) research reveals that malware is installed on computers when visiting compromised websites serving malicious code. Cough. Hey Twitter. Let’s not suspend the account of a prominent  researcher who helps thwart botnets and malware, why not just suspend the account of @softwaregenius who pushes malware urls to MALWAREREMOVALBOT?

“The sophistication of the malware and the staggering amount of infected computers proves that cybergangs are raising the bar,” said Yuval Ben-Itzhak, CTO of Finjan. “As big money drives today’s cybercrime activities, organizations and corporations need to protect their valuable data to prevent theft by these kind of sophisticated cyberattacks.” –PR Hub

Pekka Andelin, a Malware Analyst at Lavasoft asked this question earlier this year: “Should Internet Service Providers (ISPs) supply their customers with an Internet connection over a network feed that is clean from illegal Web content and malware – programs that could cause network lag, compromise system security and threaten user privacy? — ISP Level Malware Filtering, An Extended Clean Feed?

Pekka used the analogy of how a water company has to make sure that the water they provide via pipes is “uncontaminated and flows securely all the way to their customers’ water taps.”

Conclusion

Comcast, walled gardens, and water pipes, oh my!  What do they all have in common?  They are all a part of  the anti-botnet cornerstone that is pivotal in securing the foundation of our financial systems .  The Internet can no longer be stymied within the context of wild, wild west discourses.  Globally, there is too much at stake.  The old Internet is no more.

We now sit on the verge of a SUPER Internet that has the potential to bring down our financial systems worldwide.  Every time we get one step ahead of the bad guys, they reinvent, they morph, and they grow bigger. We have to learn to grow bigger too.  We must learn to embrace  social responsibility. In order to keep the new Internet safe, we have to let go of me, Me ME and work toward the good of the whole.

Until next time — Stay safe online!