Since then, however, changes in the nature of virus attacks have made that model increasingly untenable for broadband ISPs, and some are beginning to rethink their historically hands-off policies, antispam experts said.
"Their attitude was: 'We can't possibly be monitoring everything going on in customers' computers,'" Ray Everett-Church, chief privacy officer at anti-spam software company TurnTide, said about broadband ISPs. "But they found they had to participate when those activities had negative consequences for their entire network."
Finding the right balance
Viruses such as Sobig and Bagle disguise themselves as cleverly worded emails that can install exploits on a PC, once their attachments have been downloaded. Once these "Trojan horse" programs are installed, the viruses create a hole that lets spammers relay bulk emails, using the victim's address -- adding another layer of anonymity for the spammer.
The spread of these Trojan horse viruses has caused considerable damage and annoyance. ISP networks and user inboxes have become clogged with higher levels of spam, and more work is needed to fix exploits in networks and in PCs. One study found that this year, North American ISPs will spend up to $245m (£133.9m) in dealing with these viruses.
Broadband ISPs are taking different approaches to the problem. Many have implemented policies that identify, quarantine and sometimes suspend or shut down accounts that have been infected. Others leave it up to their customers to keep their antivirus software up-to-date.
These policies are by no means foolproof. Virus writers are usually one step ahead of software fixes and can still find a way to get viruses to high-speed Net users. Broadband ISPs are caught in an endless cat-and-mouse game that often translates into greater costs, as they increase efforts to educate users and disinfect PCs.
Comcast, the nation's largest cable operator and broadband ISP, is considered by some email watchers to be one of the biggest virus targets. The cable giant said it has implemented anti-spam software on its network and that it continually monitors activity to find potential victims, or purveyors, of spam viruses.
Talkback
i object very strongly to the following statement within this report:-
"Nowadays, a person sending spam is Granny, and she has no idea she's doing it," said Joe Stewart, a senior security researcher at Lurhq, a corporate security company. "
while i agree that there are some elderly people,and not all female either, that havent a clue what they are doing, i am increasingly finding that the elderly want to and do learn as much as they can about what they can do with their pc's and how to protect them.i find the above remark both sexist and ageist.we are not the senile lot some of you younger people think nor are we women as stupid as that excerpt implies.i have however come across a lot of youngsters who think they know it all,who seem to think that having virus protection and firewalls is all they need to do.being vigilent with emails/and putting unknowns onto their messenger lists isnt neccessary as far as they are concerned,the attitude is,with the antivirus/firewall protection they have got there isn't a thing they can do otherwise to stop a virus/worm if it gets through.and, at the risk of being called sexist here myself,most of those sort are young men.so please,less of the sexist/ageist talk?anyone of any age/sex can be lax in these things and frequently are.oh btw....i am a 61yr old "granny" who constantly tries to keep herself and her friends upto date with av information/has recently completed 2 websites on yorkshire and her family tree/learnt about using graphics/making web pages/html etc in the last 5 months.and i am not on my own as there is a group of us from 45-80 doing the same things.
The ISPs need to assume full responsibility for network security, and not slough it off on their customers. They have the resources, and are ideally positioned to detect viruses, spammers, etc, and nip the problem in the bud.
So let's not hear any more about ISPs telling customers about safe practices. They should be providing the necessary software and services.
I think it is up to users at the end of the day - but many are just un aware and therefore ISP's should take the leading role...
I personally think that the answer to the issue is that security needs to become more of a partnership between users & ISPs. We've all seen the rise of consumerism throughout the 90s, and of ideas such as 'Rights with Responsibilities.' Net security, to my mind, is like security for our homes, cars, or PCs, come to that. The police can help us, but ultimately, we do have an input ourselves. No-one [I hope! :)] would expect to learn potholing or snorkelling skills, without learning anything about safety, and I think that there is a parallel, especially as a major reason for using the net is surely that of increasing one's 'bank' of information. Hopefully, the 21st Century will see great reductions in the impact of malware, as we each (myself included) assist the ISPs in our own little way.