Botnets and other malware continue to threaten the computing environment online that our society relies upon for communication, commerce and collaboration. In the past several years, we along with industry partners have made great strides toward containing and even pushing back against security threats and collaboration is essential to driving this change in the IT ecosystem. We continue to believe a coordinated approach among industry participants is needed to help protect consumers, businesses and governments from cyber threats.

Today the U.S. Federal Communication Commission’s (FCC) Communications Security Reliability and Interoperability Council (CSRIC) voted to approve the Anti-Bot Code of Conduct for Internet Service Providers. The code represents an important commitment by the nation’s leading ISPs to help consumers prevent, detect and remediate bot infections. To participate in this Code, an ISP will engage in at least one activity in each of the following general areas:

  • Education - an activity intended to help increase end-user education and awareness of botnet issues and how to help prevent bot infections;
  • Detection - an activity intended to identify botnet activity in the ISP’s network, obtain information on botnet activity in the ISP’s network, or enable end-users to self-determine potential bot infections on their end-user devices;
  • Notification - an activity intended to notify customers of suspected bot infections or enable customers to determine if they may be infected by a bot;
  • Remediation - an activity intended to provide information to end-users about how they can remediate bot infections, or to assist end-users in remediating bot infections.
  • Collaboration - an activity to share with other ISPs feedback and experience learned from the participating ISP’s Code activities.

The code importantly covers all phases of botnet response. Education and prevention are critical to getting ahead of the problem. When an infection does occur we want to be able to detect it quickly and accurately before further harm can be done. ISPs can then notify the affected consumer in a manner that maximizes effectiveness and resists fraud. Finally, consumers are connected with guidance and tools to remediate the infection and bolster defenses against future threats. I’d be remiss to point out that the contents of this code are heavily based in the outstanding efforts that several ISPs already perform to help protect their customers.

I’m excited to see the United States join the growing roster of countries including Australia, Germany and Japan who have instituted similar codes or programs to help protect consumers from botnets. Managing these risks can be a daunting task, but absolutely achievable with a strong vision, global collaboration and perseverance to do the right thing.

Kevin Sullivan
Senior Security Strategist
Trustworthy Computing

Related posts: