ISP's, SURFnet and SIDN ready for the war against botnets

Published on: Friday 6 June 2014

AbuseHUB, the Dutch internet service providers’ shared system for tackling botnets, became formally operational today. Following a successful development and testing programme, the system is now all ready for use. The stakeholders accordingly gathered in Amersfoort this morning to celebrate the conclusion of the development phase.

Extended version of the AbuseHUB

Since the prototype version of AbuseHUB went live in November last year, the development team has been hard at work extending the systems and incorporating additional sources of information about botnet infections. As a result, the system now being rolled out has been comprehensively tested and is able to draw on valuable data from all over the world, maximising the capability to respond quickly and effectively to botnet infections.

Number of infections is high and rising

Botnets are networks of computers that, unknown to their owners, have been infected with a virus or other malware, enabling someone else to control them. Botnets are widely used for sending spam and mounting cyber-attacks. In most cases, botnet software barely affects the infected computer. Consequently, the owners are often unaware that anything is wrong. However, the activities of botnets can cause a lot of harm and inconvenience to others. Research by Delft University of Technology suggests that, over a year, between 5 and 10 per cent of consumers in the Netherlands suffer a botnet infection. The AbuseHUB partners are determined to get that figure down.

Strong response

AbuseHUB is an initiative by the Abuse Information Exchange, a platform on which KPN, RoutIT, SIDN, SOLCON, SURFnet, Tele2, UPC, XS4ALL, ZeelandNet and Ziggo all work together. The AbuseHUB collates, analyses and sorts botnet infection reports and sends the findings to the affiliated organisations. So the internet service providers have an up-to-date picture of reported infections in their networks, enabling them to work with their customers on swift, targeted action to deal with the infections.

Data sources: cooperation with NCSC

AbuseHUB obtains information about infections from various sources in the Netherlands and elsewhere. The information providers are known as ‘reliable notifiers’, because prior to acceptance they are carefully screened to verify the reliability of their information. The Abuse Information Exchange is currently talking to the Dutch National Cyber Security Center (NCSC) about the possibility of the Center supplying data to the AbuseHUB.


  • Wednesday 12 July 2017 Knowledge bank

    Trust anchor installation for new root KSK

    Prevent websites becoming unreachable

    Afbeelding van Trust anchor installation for new root KSK
    Read more
  • Tuesday 24 April 2018 Internet security

    Signing of government domains: rapid progress continues

    In the Netherlands, 80% of government websites are now signed

    Afbeelding van Signing of government domains: rapid progress continues
    Read more
  • Tuesday 21 August 2018 Internet security

    Salaries stolen using hacked e-mail addresses

    Tips on setting secure passwords

    Afbeelding van Salaries stolen using hacked e-mail addresses
    Read more