US 'iCode' workgroup established

A US working group has been established to introduce a version of Australia's anti-botnet iCode into the country.

The Industry Botnet Group (IBG) aims to clean up and prevent botnets commonly used to send spam or deliver punishing distributed denial-of-service (DDoS) attacks.

The group was comprised of trade associations, companies and privacy and safety organisations and was intended to further collaboration and create a voluntary model under which internet service providers (ISPs) would notify consumers if their computers were infected.

It would also raise public awareness and provide online resources to help fight the botnet epidemic which has reached millions of computers worldwide.

In October, a request for information was aimed at gathering feedback for a program that would build incentive-driven codes of conduct for ISPs to voluntarily detect, notify and possibly assist in the removal of malware on consumers' machines.

While several ISPs in the US offer notification and remediation services for consumers, there was no uniform model that included three necessary characteristics -- awareness, prevention and privacy.

This is the overarching goal of the working group, Craig Spiezle, executive director and president of the Online Trust Alliance, a nonprofit online privacy organisation, told SCMagazine.com.

“For the efforts to combat bots to succeed, we have to take a holistic view,” Spiezle said. “Everything from detection and takedown to prevention and remediation, that's the position that many of us who are stakeholders believe.”

Spiezle said a meeting among key stakeholders in the working group and White House officials took place in December.

Under discussion was whether the response to the problem should be a private enterprise initiative or a government task force. Ultimately, the IBG settled on a multi-stakeholder collaborative industry effort.

“No disrespect to the government, but unless it's funding, I'm not really sure what they can provide,” Spiezle said. “There's clearly a role for ISPs, law enforcement and anti-virus providers. We need to all collectively look at the different touchpoints.”

Although it is still in the developing stages, the IBG feeds off of industry collaboration, a characteristic that contributes to a healthier internet ecosystem, he said.

“This is a problem that's hard to eradicate,” Spiezle said. “We want to see others step up to the plate.”

The IBG was forged as a result of a public feedback period coordinated by US Commerce and Homeland Security departments.