ISP Ziggo transparent about procedure to counter malware and spam

The American security firm WatchGuard recently published a ranking of IP addresses responsible for the most spam. Dutch ISP Ziggo had the dubious honour to find the IP addresses of two of her clients on that list. One of them even took first place, the other was the ninth-worst. “We are The Netherlands’ largest ISP, so we run the biggest risk of appearing on the list,” a spokesperson of Ziggo reacted.

Speaking with the editors of security.nl, Ziggo is surprisingly frank about the procedure the ISP has when their network is used to spread spam or malware. “Normally, when we receive multiple warnings, we contact the user and warn him.” In most cases, the user has no idea and a malware infection is the likely cause. Ziggo then offers to help by remotely logging in to remove the infection. As most users are completely unaware of the unwanted net traffic they cause, Ziggo’s help is usually much appreciated.

If a client refuses the help and continues to spam, it is likely that he himself is causing the trouble. If that turns out to be true, Ziggo sometimes cuts off that modem, on grounds of a violation of the terms of use. Ziggo’s spokesperson indicates that this rarely happens.

For a smoothly functioning information society, it is very important that ISPs take steps to counter disruptive activities like spamming and the spread of malware. The way that Ziggo takes this up, warning and offering to assist before cutting the connection and especially their transparency about this procedure does them credit.