White House launches coordinated effort to battle botnets
Several groups announce plans to work together on new efforts to educate users, share information
IDG News Service - The U.S. government has launched a coordinated effort with several trade groups and private companies to combat botnets and educate affected computer users, the White House announced Wednesday.
The new effort to fight the large networks of compromised computers will involve a range of activities, including plans to share information about botnets among government and private organizations and a nationwide consumer education campaign, members of President Barack Obama's administration announced.
Improved cooperation is needed to combat botnets, groups of infected computers that can be controlled by third parties, officials said. Botnets are often used to spread malware and to launch large-scale attacks on websites and Internet-connected devices.
"This is much larger than any one company, any specific country, any specific government or any individual," White House Cybersecurity Coordinator Howard Schmidt said during a launch event at the White House. The U.S. government is teaming up with Internet service providers, privacy groups, search engines, trade associations, Internet companies and education groups to "tackle this on all fronts," he said.
Botnets are especially dangerous because they use "our own computers against us," Schmidt added.
About 5 million computer systems were infected with botnet malware in the first quarter of 2012, said Michael DeCesare, co-president at security vendor McAfee. About one in 10 U.S. computers is infected with botnet malware, officials said.
Combating the problem will require organizations across the Internet to work more closely together, DeCesare said.
"We need to make sure these machines do not get infected in the first place," he said."We need to do this by delivering security at a faster pace than our adversaries can deliver malware."
Among the initiatives announced Wednesday is a set of voluntary principles aimed at reducing the impact of botnets. The principles, from the 8-month-old Industry Botnet Group, call on companies to work together to prevent and detect botnets and to notify users when they are infected.
The principles also call on companies to share information about their lessons learned while fighting botnets, to educate users about botnets and to protect user privacy.
"Every participant has a role in helping to reduce the impact," said Liesyl Franz, vice president for cybersecurity policy at TechAmerica, a member of the botnet group. "That is why we came together, to work together."
Eleven groups are members of the Industry Botnet Group, including the Business Software Alliance, StaySafeOnline.org and the Software and Information Industry Association.
In addition, several members of the Industry Botnet Group announced they are launching a consumer education campaign, Keeping a Clean Machine, supported by the U.S. Department of Homeland Security, the U.S. Federal Trade Commission and the National Cybersecurity Alliance.
Also, the U.S. Financial Services Information Sharing and Analysis Center announced Wednesday that it has begun working on a pilot program to share information about botnets. Organizers hope the effort will lead to new standards for sharing information about botnets, the White House said.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is email@example.com.
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Why You Need a Next-Generation Firewall This white paper explores the reasons for implementing next-generation (NG) firewalls and lays out a path to success for overburdened IT organizations.
- Why Projects Fail CIOs are expected to deliver more projects that transform business, and do so on time, on budget and with limited resources.
- The New Business Case for Video Conferencing: 7 Real-World Benefits Beyond Cost-Savings This whitepaper provides insight into the value of video conferencing in today's business environment, and how organizations are using visual collaboration to find...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Malware and Vulnerabilities White Papers | Webcasts