Verizon Accused of Helping Spammers By Routing Millions of Stolen IP Addresses

An anonymous reader writes: Spamhaus, an international non-profit organization that hunts down spammers, is accusing Verizon of indifference and facilitation of cybercrime because it failed for the past six months to take down stolen IP routes hosted on its network from where spam emails originated. Spamhaus detected over 4 million IP addresses, mainly stolen from China and Korea, and routed on Verizon's servers with forged paperwork. Spamhaus says, "For a start, it seems very strange that a large US-based ISP can be so easily convinced by abusers to route huge IP address blocks assigned to entities in the Asian-Pacific area. Such blocks are not something that can go unnoticed in the noise of everyday activity. They are very anomalous, and should call for an immediate accurate verification of the customer. Internal vetting processes at large ISPs should easily catch situations so far from normality."

Verizon/UUnet used to be the best

[kevmeister]

A few years ago, Verizon employed some to the best people in the best people in the world to handle network and routing security. They were very responsive to reports of address hijacking and related issues. Those folks have all left Verizon since they bought UUnet, though the rush for the door didn't start until about 4 years ago.

This all happened about the time I left the operational world and started moving into retirement, so I don't know the people who replaced them, but I am sure that, if they were replaced at all, that the new people were not of the caliber of those who left.

As is often the case, network security seems to have been declared a low priority at Verizon. after all, it does not make them any money. Of course, if they become known for bad security, it could have an impact on the bottom line at some point.

Re:Eliminate the Corporation Shield

[HiThere]

That's not the corporate shield. The corporate shield protects minority stockholders (I think less than 10% of the stock) from liability. The executives, board, and majority stockholders are protected by the much simpler approach of nobody caring to prosecute them.