The Obama administration on Wednesday revealed new initiatives to combat botnets, believed to present one of the greatest threats to the integrity of the internet. Botnets are employed by cyber thieves to gain control of computers to perform illegal activities, including siphoning off assets, initiating denial of service (DoS) attacks, which could shut down a targeted website, or distributing spam.
The initiatives stem from a voluntary public-private partnership between the White House Cybersecurity Office and the U.S. Departments of Commerce and Homeland Security (DHS), which coordinate with private industry to lead the Industry Botnet Group (IBG), a group of nine trade associations and nonprofit organizations representing thousands of companies.
“The issue of botnets is larger than any one industry or country,” said White House Cybersecurity Coordinator Howard Schmidt at an event to announce the program (Schmidt recently announced his resignation). Also present at the event were Federal Communications Commission Chairman Julius Genachowski, Department of Homeland Security Secretary Janet Napolitano, Under Secretary of Commerce for Standards and Technology Patrick Gallagher, and a number of industry CEOs.
According to an administration official who spoke with SCMagazineUS.com on Friday, “industry deserves credit for the real work in getting this done.”
He said that the strategy goes back to a Commerce greenpaper on cyber security looking at areas where the government saw a solution in the private sector that could alleviate the botnet problem, but was not gaining traction and collective action.
“Companies didn’t want to invest if other companies weren’t,” the administration official said.
A call went out from the Departments of Commerce and Homeland Security to the private sector to find ways to build incentives for companies to implement best practices around botnets.
“We were pleasantly surprised to find so much agreement,” the official said.
A series of meetings at the White House followed, led by Schmidt, which led to the writing of IBG’s “Principles for Voluntary Efforts to Reduce the Impact of Botnets in Cyberspace,” he said.
“Cybersecurity is a shared responsibility – the responsibility of government, our private sector partners and every computer user,” Napolitano said at Wednesday’s event, according to a release. “DHS has set out on a path to build a cyber system that supports secure and resilient infrastructure, encourages innovation, and protects openness, privacy and civil liberties.”
The Online Trust Alliance (OTA) was also at the event to support the IBG’s principles.
“We have a shared responsibility to commit resources to address the growing threats from botnets, which threaten to undermine the digital economy,” Craig Spiezle, executive director and president, Online Trust Alliance, said in a statement. “Preserving online trust and confidence needs to be a priority and the broad adoption of the Industry Botnet Group principles is an important step toward protecting the internet.”