Speaker: Przemek Jaroszewski
Over the past few years botnets and malware controllers have evolved into very sophisticated environments. Using bulletproof hosting, fast flux and other techniques they have become more and more sustainable. Going after infected machines is like playing a whack-a-mole game and the fact that malware is hiding deep in the system and staying below users' radars does not help at all. At the same time e-crime has become a serious and organized business. Threats like DDoS and phishing are common, result in huge losses, and their mitigation requires prompt actions - something that law enforcement is not very good at. Do we have to lose this fight? Not if the ISPs start to act. Limiting users' access to harmful parts of the net can effectively cut communication between drones and controllers. It can also help to combat phishing and drive-by-downloads. The presentation will discuss self-regulations of ISPs in Poland, joint cooperation based on trust, technologies involving BGP and DNS blackholing, legal challenges, and the role of lawmakers and law enforcement.