Botnet Battle Plan Unveiled

Thursday, May 31, 2012 @ 01:05 PM gHale

Malicious botnets are a growing online threat and the Obama administration and the private sector want to do something about it.

A set of principles from the Industry Botnet Group and the Homeland Security and Commerce departments addresses the challenge of botnets across the Internet. In addition to this framework for collaboration, the government also will step up public outreach efforts to educate users about online threats and will coordinate efforts to address the technical threats posed by botnets.

Botnets are networks of compromised computers coordinated by command-and-control servers that criminals operate. Malware on the compromised computers can be updated and used for a variety of purposes, including information stealing, spamming, mounting distributed denial-of-service attacks and infecting new computers. Their controllers often rent the networks out for malicious purposes, and because of their distributed nature they can be difficult to defend against.

The Industry Botnet Group formed in January as a result of a Commerce Department effort to develop a consensus on how to combat the threat of botnets.

Because botnets extend from individual user devices through networks and service providers and can threaten government and private-sector enterprises with a variety of high- and low-tech exploits and attacks, there needed to be a unified effort to address them. One of the group’s first goals was to develop a set of voluntary principles for cooperation across organizations and sectors:
• Share cyber responsibilities. Participants should employ reasonable technologies and sound practices to thwart the effectiveness of botnets across the entire life cycle of botnet defense, including prevention, detection, notification, remediation and/or recovery.
• Coordinate across sectors. To better analyze, prevent and combat threats, participants should share information about botnet incidents and other malicious activities among public, private, and nonprofit stakeholders.
• Confront the problem globally. Cyber security, and specifically the proliferation of botnets and malware, is a global problem requiring global attention, and participants should foster greater cooperation and cross-border collaboration between and among industry and government.
• Report lessons learned. In the appropriate manner and context, participants should share lessons learned on the effectiveness of tactics, technologies, practices and other measures to thwart the effectiveness of botnets.
• Educate users. Participants should provide access to resources to help educate customers to defend against and remediate infections by botnets and malware.
• Preserve flexibility. There is no single solution to address the dynamic threat of botnets and malware, and efforts should remain flexible, allowing participants to undertake activities as appropriate.
• Promote innovation. Efforts to reduce the impact of botnets and malware should promote innovation supporting new technologies, strategies, approaches and participants to better combat threats and protect customers.
• Respect privacy. Participants should address privacy and abide by applicable laws and practices.
• Navigate the complex legal environment. Any initiatives undertaken by participants to reduce the impact of botnets should address barriers to addressing cyber threats in the complex global legal and regulatory environment, while complying with applicable laws and regulations.
