Will Virus Rampage Increase Broadband Costs?
from the nothing-comes-easy-these-days dept
During the last few months we’ve seen broadband price wars breaking out around the world, as everyone tries to undercut each other (often with various tiers and capped systems). There’s also been an increase in the number of malicious viruses making the news. Now, some are wondering if these two trends will collide, and whether or not all those viruses are going to force broadband providers to increase prices. There are two reasons given for why viruses increase cost to the provider: first, especially with zombie spamming machines, the amount of bandwidth used is higher than expected, which could increase the costs of the bandwidth provider, while also slowing down the speeds of others on the system. Second, increasingly, customers are looking to their broadband service providers to help them deal with malicious attacks, which means the service providers need to hire more people to handle those issues – such as setting up “special response teams” and coming up with quick solutions to malicious attacks. So far, the article suggests, service providers have been afraid to raise prices (especially with all the price wars), but they may not be able to resist much longer. Of course, the alternative argument is that, perhaps, the broadband providers should be a bit more proactive in coming up with ways to prevent these types of attacks, rather than always dealing with the aftermath. Update: Of course, the idea of raising prices will look even worse considering a new study that claims broadband prices in the US are still way too high.
Comments on “Will Virus Rampage Increase Broadband Costs?”
Prices should be increased, for those infected!
In the security industry, which I work in, a virus infection or other security compromise often requires a significant amount of money to clean up and prevent from happening again. Most companies don’t have their own, internal computer security group, and thus must pay an external party to come in and fix their problems. This is chalked up to the cost of doing business, and most companies pay (if only to keep their names out of the press as being loose with their customer’s data.)
Broadband users should be viewed in the same light. If they become infected, and as a result they are used as a spam relay or for other nefarious purposes, they too should pay to have an external security person come in and fix their problems and set up solutions to keep the problem from happening again. If you really want to fix the problem, and get folks who really don’t care about implementing security on their computers, affect their pocketbook. But at the same time, you should reward folks who do care about security by not charging them the same fees or leveling out the costs of fixing the problems among all the users. That is just not fair!
Like the broadband providers care…most of them are so overwhelmed by security that they cannot even take the time to SSL their mail servers or even worse, their websites where they ask us to go in order to modify our accounts. I am surprised that there aren’t many broadband providers themselves that are vulnerable to these worms, since they seem to love Windows so much.
Of course, broadband providers need to be a little more receptive to those who actually care about security enough to install a firewall on their network to prevent an intrusion or other bad things from happening. How many times has my broadband provider slammed me for actually having an OpenBSD or Linux based firewall between my internal network and their network? Oh, plenty of times. Any time I’ve called to tell them that their mail server is down (unscheduled) or that their router appeared to be dropping 80% of my packets for an hour or so (almost a daily occurance now…) have they griped about me not having a Windows box online with their troubleshooting tools so they can troubleshoot my computer instead of their network… I allow pings in and pongs out from my firewall, yet that still isn’t enough for them.
Enforce Security
It would be a simple matter to force the users to clean up their own systems. All you need is an IDS setup to monitor the subnets the customers are on. Automate it so that if it detects a virus trying to infect from a PC it shuts down that account.
So say user A gets infected by Code Red. The IDS detects then, and emails an admin. He confirms, and shuts down the users access, and puts a comment on the users account as to why. If the user calls to complain he was shut down tell him to clean it up. Maybe even have a extra service they can pay for to clean it up for them.
This way the users who take care don’t get charged for cleaning up the infected PCs, and the service provider cleans up alot of useless network trafic, and the other users learn why security is important.
Yes they will probably loose customers that get pissed off that they need to pay to have their system cleaned. They will move to another service provider that dosen’t care. That provider will end up with so much uselss trafic on the network it bogs down(as all the infected PCs move from the first provider), or they have to raise rates to increase bandwidth. Then either they enforce security, or they loose customers that want better performance.
I doubt any service provider would do it because it would hurt the bottom line at the begging untill they could get rid of the extra bandwidth they had.
-Charles W.