- Jan 2010
The Government and ISPs At Odds Over Fighting Botnets
Both the U.S. government and the country’s internet service providers (ISP) agree that botnets are among the greatest threats facing Web users.
But they can’t yet agree on what to do about it, because the ISPs aren’t exactly the biggest fans of a government document calling for them to establish voluntarily, industry-wide standards for detecting and fighting threats.
That was the major, unfortunate conclusion that came out of a contentious panel discussion on Tuesday featuring the White House cyber security coordinator, cyber experts at the Department of Homeland Security and the Department of Commerce and an ISP industry trade representative.
The U.S. government defines botnets as collections of compromised computers that are remotely controlled by a malevolent party. The networks are often used to launch crippling attacks against third parties online.
A recent study by Microsoft found the U.S. lead the world in terms of the number of computers infected with botnet malware, 2.2 million, compared to second-place Brazil’s 500,000. Globally,McAfee reported in late 2010 that it was seeing an average of 6 million new botnet infections every month.
(snip ... )
Also, the document provides three degrees of botnet fighting standards that would involve varying levels of government participation: From none, in the “private sector run and supported model,” to some government services for helping to notify users in a “public/private partnership,” to one where the government provides the central resource for helping consumers fix botnets.
Clearly, the federal agencies are right now pursuing the second model, but the ISPs argue that they are already doing a good enough job at helping customers, and that it is the government’s lack of clarity on legality and liability issues - such as if ISPs can be prosecuted for accessing customer’s private information - that is holding them back from doing a better job. Also at stake is who would pay for such botnet fighting services.
The government’s document points to successful public/private partnerships in Australia, Japan and Germany, each with its own unique features, that have all seen some gains in helping users detect and clean up botnets on their computers. Yet American ISPs say the situation here is much different and so those models aren’t necessarily applicable.
As Michael O’Reirdan, chairman of the Messaging Anti-Abuse Working Group, a global industry trade organization, said during the discussion: “There’s an emerging worldwide consensus something needs to be done.” But he also added: ” You can’t just focus on ISPs…end users have to be sensible…[cyber security] tools vendors need to come up with better tools.”
more: The Government and ISPs At Odds Over Fighting Botnets | TPM Idea Lab
The emergency worldwide consensus seems like a big duh! assessment. Better tools would be great. And a public/private partneship with ISPs would be great too. It seems like ISPs are in a position to know if there are botnets running or not. Why not use that information and do something about it?
Other links, from following the intra-article Microsoft detected 2.2 million infected computers link in story: