German Government to Help Rid Computers of Malware

German Government to Help Rid Computers of Malware - ISPs will identify infected customers and direct them to a special website - Softpedia:

"The German government plans to launch a major botnet-cleaning operation in the country in 2010. ISPs will identify and contact the owners of infected computers and a specialized call center will be created to offer assistance with cleaning the malware.

The project is a joint initiative of the German Federal Office for Information Security (BSI) and eco, the Association of the German Internet Industry. The plan was announced on December 8, during the fourth national IT-Summit in Stuttgart and the advisory center is scheduled to go live in 2010.

The strategy is aimed at moving Germany out of the top 10 countries harboring malware. According to recent studies, the country currently occupies the third spot on a list that ranks countries by the number of infected hosts and the planners estimate that one in four German computers is currently infected.

If the project becomes a reality, the German ISPs will take it upon themselves to detect infected computers, most likely by watching connections to known botnet command and control servers. The owners of the compromised systems will first be notified via telephone or post and directed to a special website, which contains tools and advice for removing malware.

If the user fails to resolve the problem using the information on this website, they will receive a code to use when calling a specialized call center. This center will be funded by the government and will employ 40 IT specialists. No costs have been revealed so far.

The plan raises some concerns, as it is illegal in Germany to intercept Internet communications. However, the country's Telecommunications Act does allow ISPs to do it if the traffic represents a threat to their systems. Some bloggers go as far as calling it a subsidy for Microsoft, because it discourages users from looking into more secure operating systems such as Linux.

ISPs taking a pro-active role in the fight against malware is seen as something good by the infosec community, which has long criticized their passive approaches. Comcast, one of the largest Internet providers in the U.S. is testing an in-browser notification system, which automatically alerts infected customers and directs them to a website with malware-cleaning instructions and tools."