Malware infected computers is a problem that effects all Internet users, as the infected machines can be strung together in botnets to launch denial of services attacks and spam campaigns. Currently, cleaning up infected computers is the sole responsibility of individual users and ISPs are often reluctant to get involved.
Under a newly proposed scheme by a researcher at the University of Cambridge, the government could be a place to turn. Richard Clayton of the Computer Laboratory at the University of Cambridge, recently presented a paper titled “Might Governments Clean-up Malware?” at the Ninth Workshop on the Economics of Information Security (WEIS 2010) in which he called for government to provide subsidies for malware clean-up efforts.
“For the Internet to be safer for everyone, ‘something must be done’ to clean-up the infected computers,” he said. “But there are a number of barriers to this – mainly to do with incentives.”
A central concern for individuals who are the victims of malware infection is the cost of cleaning their machines.
“The cost cleaning up malware is obviously a key issue,” Clayton said. “The perception of it being a complex task, with expert help expensive and essential, goes a long way to explaining why customers delay malware removal and why ISPs are generally so reluctant to offer assistance.”
To address the issue of cost, Clayton proposes that the government provide subsidies to encourage malware clean-up.
“There might be a role here for government to step in and subsidize the clean-up,” he said. “Such a subsidy will go a long way towards improving the incentive issues.”
The malware plague can hit even the most cautious of Internet user and can affect other users not directly infected. Users generally discover infections via detection software or being notified of a problem, generally by an ISP or system administrator.
“Once the user is aware that they have malware on their computer then they should always wish to remove it, and if well-enough informed they will generally do so,” Clayton said.
However, the complexities and perceptions surrounding malware generally mean that users consult others to clean their machines. Often, individuals consult family and friends, computer stores or their ISP.
Within Germany, Holland and Australia, ISPs have entered into a mutual agreement to deal with botnets. In the United States, Comcast has partnered with McAfee to provide clean-up services to customers.
In Clayton’s model, an ISP would receive an abuse report about a user and notify the customer of the infection. The customer could then clean their system using free tools or have their computer cleaned by a technician for a nominal fee.
On top of the nominal fee, the government would pay the rest of the bill for cleaning the malware. In addition to reducing data loss among citizens, “the rapid correction of the malware infection should prevent any loss of confidence in using the Internet,” Clayton said.
“Keeping confidence in the Internet high is an essential prerequisite to tempting people online, and keeping them there,” he added.
While the private sector would provide the clean-up services, the involvement of the government would provide added credibility, according to Clayton.
“The involvement of the government makes it easier to cajole ISPs into doing their part, and provides important assurance to citizens that the scheme is bona fide and that quality controls will be in place,” he said.
For Clayton, the lack of action by the majority of industry and the interconnectedness of the Internet keeps this issue within the purview of the government.
“Given that almost every wickedness on the Internet is underpinned by malware-infected computers … this is clearly a legitimate area for government to consider getting involved in, and putting up money to improve,” he said.