ISP's, SURFnet and SIDN ready for the war against botnets

Published on: Friday 6 June 2014

AbuseHUB, the Dutch internet service providers’ shared system for tackling botnets, became formally operational today. Following a successful development and testing programme, the system is now all ready for use. The stakeholders accordingly gathered in Amersfoort this morning to celebrate the conclusion of the development phase.

Extended version of the AbuseHUB

Since the prototype version of AbuseHUB went live in November last year, the development team has been hard at work extending the systems and incorporating additional sources of information about botnet infections. As a result, the system now being rolled out has been comprehensively tested and is able to draw on valuable data from all over the world, maximising the capability to respond quickly and effectively to botnet infections.

Number of infections is high and rising

Botnets are networks of computers that, unknown to their owners, have been infected with a virus or other malware, enabling someone else to control them. Botnets are widely used for sending spam and mounting cyber-attacks. In most cases, botnet software barely affects the infected computer. Consequently, the owners are often unaware that anything is wrong. However, the activities of botnets can cause a lot of harm and inconvenience to others. Research by Delft University of Technology suggests that, over a year, between 5 and 10 per cent of consumers in the Netherlands suffer a botnet infection. The AbuseHUB partners are determined to get that figure down.

Strong response

AbuseHUB is an initiative by the Abuse Information Exchange, a platform on which KPN, RoutIT, SIDN, SOLCON, SURFnet, Tele2, UPC, XS4ALL, ZeelandNet and Ziggo all work together. The AbuseHUB collates, analyses and sorts botnet infection reports and sends the findings to the affiliated organisations. So the internet service providers have an up-to-date picture of reported infections in their networks, enabling them to work with their customers on swift, targeted action to deal with the infections.

Data sources: cooperation with NCSC

AbuseHUB obtains information about infections from various sources in the Netherlands and elsewhere. The information providers are known as ‘reliable notifiers’, because prior to acceptance they are carefully screened to verify the reliability of their information. The Abuse Information Exchange is currently talking to the Dutch National Cyber Security Center (NCSC) about the possibility of the Center supplying data to the AbuseHUB.

Comments

  • Monday 19 December 2016 About SIDN

    Reflecting on another successful Contact Day

    Videos of the presentations available

    Afbeelding van Reflecting on another successful Contact Day
    Read more
  • Thursday 18 May 2017 About SIDN

    'Now we can make ground with secure log-ins'

    SIDN and Connectis

    Afbeelding van SIDN and Connectis: 'Now we can make ground with secure log-ins'
    Read more
  • Friday 13 April 2018 Solutions

    Italian football giants Lazio hit by spear phishing with a lookalike domain name

    Dutch club Feyenoord left two million short

    Afbeelding van Italian football giants Lazio hit by spear phishing with a lookalike domain name
    Read more