Home / Blogs

How to Stop the Spread of Malware? A Call for Action

Wout de Natris

On Webwereld an article was published (in Dutch) following a new Kaspersky malware report Q1-2013. Nothing new was mentioned here. The Netherlands remains the number 3 as far as sending malware from Dutch servers is concerned. At the same time Kaspersky writes that The Netherlands is one of the most safe countries as far as infections go. So what is going on here?

Inbound, outbound and on site

From my anti-spam background I have the experience that as long as a spammer remains under the radar of national authorities, e.g. by making sure that he never targets end users in his own country, he is pretty safe. The international cooperation between national authorities is so low, that seldom that something happens in cross border cases. Priorities are mainly given to national cases as cooperation is near existent. (If priority is given to spam fighting at all.)

The same will be the case for the spreading of malware. National authorities focus on things national. Cross border issues are just too much of a hassle and no one was murdered, right?

Of course it is true that if the allegation is right and we are talking about 157 command and control servers for botnets on thousands and thousands if not millions of servers in The Netherlands, the 157 servers is a very low figure. This does not mean that we can ignore this figure if our country is the number 3 spewing malware country in the world. Something needs to happen. Preferably through self-regulation and if not that way, then through regulation.

If it is also true that it is the same few hosting providers that never respond to complaints, it is time to either make them listen or shut them down. There is no excuse for (regulatory) enforcement bodies not to do so. Harm is being done, the economic effects are huge and the name of The Netherlands is mentioned negatively again and again.

In January 2005 at OPTA we were very proud that we had dropped from the number 3 position worldwide for spamming to a position out of the top 20. In six months time! I do not think it is much harder to do so for sending malware.

A suggestion for an action plan

Here's an action plan:

  1. Give it priority
  2. Start a national awareness campaign
  3. Provide a final date to the hosting community
  4. Preferably coordinate on 1 to 3 with DHPA (Dutch Hosting Providers Association)
  5. Start acting against those that do not mend their ways.

And if anti-botnet infection centre ABUSE-IX starts doing its part on disinfecting end users' devices, The Netherlands may have a winning combination this way.

Of course this can be duplicated in your respective countries also for spam, malware, phishing, cyber crime, etc.

International cooperation

Of course the topics surrounding cyber security calls for international cooperation and coordination. In 2013 it is still virtually impossible to cooperate on cross border cyber crime, spam, the spreading of malware. This needs addressing on EU and world level. National institutions can not afford not to do so. Even if it is hard to give up a little national jurisdiction. There are in between forms, like coordination.


Let's push the boundaries for cyber threats back. It all starts with ambition. Experience shows that (the threat of) enforcement works. This isn't rocket science, it is about political will and insight.

By Wout de Natris, Consultant international cooperation cyber crime + trainer spam enforcement. More blog posts from Wout de Natris can also be read here.

Related topics: Cybercrime, Internet Governance, Law, Malware, Security, Spam

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:


There are more than enough best practices out there with a national approach Suresh Ramasubramanian  –  May 20, 2013 10:00 PM PDT

Policy + tech + engagement / capacity building + ... all the usual.  Needs someone to take them out of powerpoint and pdf and implement them "boots on the ground".  It also needs active action against botmasters (and possibly political pressure against countries that harbour them)

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Is Your TLD Threat Mitigation Strategy up to Scratch?

i2Coalition to Host First Ever Smarter Internet Forum

Encrypting Inbound and Outbound Email Connections with PowerMTA

US Court Grants DCA Trust's Motion for Preliminary Injunction on .Africa gTLD

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

Verisign Releases Q4 2015 DDoS Trends - DDoS Attack Activity Increasing by 85% Year Over Year

Best Practices from Verizon - Proactively Mitigating Emerging Fraudulent Activities

Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015

The Framework for Resilient Cybersecurity (Webinar)

2015 Trends: Multi-channel, Streaming Media and the Growth of Fraud

Season's Greetings - 2015 End of Year Message from DotConnectAfrica

Data Volumes and Network Stress to Be Top IoT Concerns

DKIM for ESPs: The Struggle of Living Up to the Ideal

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Verisign & Forrester Webinar: Defending Against Cyber Threats in Complex Hybrid-Cloud Environments

"The Market Has No Morality" Sophia Bekele Speaks on Business Ethics and Accountability

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Faster DDoS Mitigation - Introducing Verisign OpenHybrid Customer Activated Mitigation

Dyn Comments on ICG Proposal for IANA Transition

Sponsored Topics


DNS Security

Sponsored by


Sponsored by
Afilias - Mobile & Web Services


Sponsored by
Afilias - Mobile & Web Services


Sponsored by