White House Targets Botnets With New Plan
From: PC Magazine
By Chloe Albanesius
Beware, botnets. The White House is coming for you.
As part of the Industry Botnet Group (IBG) – formed in September 2011 – the Obama administration, the Homeland Security Department, and nine private groups today unveiled several new initiatives designed to combat botnets.
Botnets are a large group of compromised computers used to generate spam, relay viruses, or flood a network or Web server with excessive requests to cause it to fail.
“The issue of botnets is larger than any one industry or country. This is why partnership is so important,” White House Cybersecurity Coordinator Howard Schmidt said in a statement. “The principles the IBG are announcing today draw on expertise from the widest range of players, with leadership coming from the across the private sector, and partnering with the government on items like education, consumer privacy and key safeguards in law enforcement.”
IBG today unveiled a four-point plan intended to combat these botnets.
- Voluntary Principles: These principles are intended to increase coordination across sectors and reduce the impact of botnets. “IBG has also developed a framework for shared responsibility across the botnet mitigation lifecycle from prevention to recovery that reflects the need for ongoing education efforts, innovative technologies, and a feedback loop throughout all phases,” the group said.
- Data-Sharing Pilot: The Financial Services Information Sharing and Analysis Center (FS-ISAC) kicked off a pilot program intended to share information about botnet attacks in 2012. FS-ISAC will work with DHS and the Treasury Department to develop standards for information sharing about botnets outside the financial sector.
- Keep a Clean Machine: Partners like Microsoft are teaming up for the “Keep a Clean Machine” campaign, an education campaign intended to help stop computer infections.
- Private Sector Information Sharing: The White House said the FBI and Secret Service have “recently stepped up private sector information sharing,” which led to the shutdown of botnets like Coreflood.
Schmidt and industry execs from firms like McAfee outlined the plan and their concerns about botnets at a White House cyber-security summit this morning.
The administration stressed that its program is voluntary. The new initiatives “do not prescribe any particular means or method and allow for flexibility in application by a wide range of participants and business models,” the White House said.
In recent months, botnets like Kelihos/Hlux and Zeus have been conquered, but security experts warned last month that until the criminals in charge are apprehended, there will be new ones springing up to replace them pretty quickly.