White House Botnet Offensive Enlists Government, Industry
Modernizing Authentication — What It Takes to Transform Secure Access
The White House has announced a series of initiatives in partnership with government agencies and the private sector to combat botnets. The initiatives, which were announced May 30, are the result of a partnership between the Homeland Security and Commerce Department, the White House Cybersecurity Office and a coalition of trade associations and non-profits known as the Industry Botnet Group (IBG).
"The issue of botnets is larger than any one industry or country," said White House Cybersecurity Coordinator Howard Schmidt, in a statement. "This is why partnership is so important. The principles the IBG are announcing today draw on expertise from the widest range of players, with leadership coming from the across the private sector, and partnering with the government on items like education, consumer privacy and key safeguards in law enforcement."
As part of the effort, the Financial Services Information Sharing and Analysis Center (FS-ISAC) is working on a pilot program to share information about botnet attacks this year with organizations and people outside the financial sector. In addition, the FBI and U.S. Secret Service have stepped up information sharing with the private sector and have worked together to shut down botnets such as Coreflood.
The initiatives are rounded out by the efforts of IBG, which launched a consumer education campaign called "Keep a Clean Machine" and released its "Principles for Voluntary Efforts to Reduce the Impact of Botnets in Cyberspace."
These principles call on Internet users to voluntarily:
Share cyber-responsibilities by employing reasonable technologies to thwart the effectiveness of botnets across all phases of the mitigation lifecycle: prevention, detection, notification, remediation and recovery.
Coordinate across sectors in order to better analyze, prevent and combat threats.
Confront the problem globally through cross-border collaboration.
Report lessons learned with partners in the Internet ecosystem.
Educate users by making information and resources available to them.
Preserve flexibility for responses by different entities to an ever-evolving threat environment.
Promote innovation to foster technological advances.
Navigate the complex legal environment.