EU Proposal to force ISPs to share DDoS Information

The news that the EU's Cybercrime proposal, due for publication later in the year, is to include punitive measures against ISPs who do not cooperate promptly to block compromised machines is a welcome move in the fight against DDoS. However, whilst many European countries have signed up in principle to the Council of Europe's Cybercrime Convention there is still a number of mainly Eastern Europe states that have yet to agree. The fact that these Countries include Andorra, Azerbaijan, Georgia, Liechtenstein, Monaco, Russia, San Marino, and Turkey, many of the favoured locations of the bot-herders behind the hundreds of DDoS attacks hitting ecommerce businesses around the world, is not so good news. Unless these countries can be brought in line, this latest initiative is doomed to failure before it gets started. As they are outside the jurisdiction of the EU it is difficult to see what can be done to force compliance, hopefully the recent experience of the Lithuanians will help them to see that it is in everyone's interest to put their houses in order.