US unveils initiatives to fight botnets

Powered by SC Magazine
 

Industry Botnet Group spearheads work.

The US Government has revealed new initiatives to combat botnets, believed to present one of the greatest threats to the integrity of the internet.

The initiatives stem from a voluntary public-private partnership between the White House Cybersecurity Office and the US Departments of Commerce and Homeland Security (DHS), which coordinate with private industry to lead the Industry Botnet Group (IBG), a group of nine trade associations and nonprofit organizations representing thousands of companies.

“The issue of botnets is larger than any one industry or country,” said White House Cybersecurity Coordinator Howard Schmidt at an event to announce the program (Schmidt recently announced his resignation).

Also present at the event were Federal Communications Commission Chairman Julius Genachowski, Department of Homeland Security Secretary Janet Napolitano, Under Secretary of Commerce for Standards and Technology Patrick Gallagher, and a number of industry CEOs.

An administration official said industry "deserves credit for the real work in getting this done". 

He said that the strategy goes back to a Commerce greenpaper on cyber security looking at areas where the government saw a solution in the private sector that could alleviate the botnet problem, but was not gaining traction and collective action.

"Companies didn't want to invest if other companies weren't," the administration official said.

A call went out from the Departments of Commerce and Homeland Security to the private sector to find ways to build incentives for companies to implement best practices around botnets.

"We were pleasantly surprised to find so much agreement," the official said.

A series of meetings at the White House followed, led by Schmidt, which led to the writing of IBG's "Principles for Voluntary Efforts to Reduce the Impact of Botnets in Cyberspace," he said.

“Cybersecurity is a shared responsibility – the responsibility of government, our private sector partners and every computer user,” Napolitano said at Wednesday's event, according to a release. “DHS has set out on a path to build a cyber system that supports secure and resilient infrastructure, encourages innovation, and protects openness, privacy and civil liberties.”

The Online Trust Alliance (OTA) was also at the event to support the IBG's principles.

“We have a shared responsibility to commit resources to address the growing threats from botnets, which threaten to undermine the digital economy,” Craig Spiezle, executive director and president, Online Trust Alliance, said in a statement.

The IBG launched a list of principles for voluntary efforts to reduce the impact of botnets in cyberspace, including coordination across sectors, respect for privacy and sharing lessons learned.

IBG has also developed a framework for shared responsibility across the botnet mitigation lifecycle from prevention to recovery that reflects the need for ongoing education efforts, innovative technologies, and a feedback loop throughout all phases.

The Financial Services Information Sharing and Analysis Center (FS-ISAC), which cooperates closely with DHS and the Treasury Department, unveiled its work on a pilot to share information about botnet attacks this year.

The effort will lead to standards that can be more widely used for information sharing on botnets outside of the financial services sector. 

Several IBG members launched the “Keep a Clean Machine” education campaign for consumers supported by DHS, the Federal Trade Commission (FTC), the National Cybersecurity Alliance and several companies.

The FBI and Secret Service have recently stepped up private sector information sharing, and their coordinated efforts have shut down massive criminal botnets, such as Coreflood, which compromised millions of private computers and lead to the theft of millions of dollars.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


US unveils initiatives to fight botnets
 
 
 
Top Stories
ATO shaves $4m off IT contractor panel
Reform cuts admin burden, introduces KPIs.
 
Turnbull introduces data retention legislation
Still no definition of metadata to be stored.
 
Crime Commission prepares core systems overhaul
Will replace 30 year-old national criminal database.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  27%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  25%
TOTAL VOTES: 433

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  54%
 
No
  46%
TOTAL VOTES: 209

Vote