US ISP providers pledge anti-botnet effort

US ISPs to help customers with botnets

US internet service providers (ISPs) have told communications regulators they will work to detect botnets on customers’ computers and help them get rid of the malicious software.

Comcast Corp, CenturyLink and some small ISPs already contact customers whose computers have software surreptitiously installed so they are roped into botnets, a collection of affected computers.

A single hacker can remotely control thousands of machines, using them to send spam aimed at stealing personal or financial data.

Policymakers are eager to get industry more involved in policing botnets and preventing security problems from slowing the growth of the internet market, worth about $8 trillion a year. But most ISPs do not warn customers whose computers are in botnets because the effort is expensive and some customers may regard the monitoring as a violation of their privacy.

Following a firm push from the Federal Communications Commission (FCC), eight large ISPs in an industry working group told the FCC on Thursday that they would not only work to detect botnets on their networks, but would also help affected customers find resources to clean up their computers.

FCC Chairman Julius Genachowski said the working group had identified "smart, practical, voluntary solutions that are consistent with these principles, will materially improve our cybersecurity."

The companies announced two other steps on Thursday. They also said they would implement a more secure version of the website naming system, called DNSSEC, to prevent thieves from posing as a bank, for example, by using a similar domain name to steal money from its customers.

They also pledged to take steps to ensure that web traffic goes through the shortest and most reliable routes. The goal would be to prevent a repeat of a 2010 incident in which some 15 per cent of internet traffic was diverted through Chinese servers for about 18 minutes. The reason for the diversion, whether an innocent mistake or cyber espionage, has never been established.

The companies which have already implemented the three steps or will implement them are AT&T, Comcast, CenturyLink, Cox , Sprint Nextel Corp, Time Warner Cable, T-Mobile USA and Verizon Communications.

Genachowski estimated that these companies served 80 per cent of US internet users.

James Lewis, a cybersecurity expert with the Center for Strategic and International Studies, said the ISPs' commitment was "a big deal against botnets."

"Right now the US is one of the biggest source of botnets in the world. I always tell foreigners it's not because we're malicious; it's because we're incompetent," Lewis said.

But experts also pressed for efforts to stop the more sophisticated hacks, like the attacks on defence contractor Lockheed Martin Corp, Google, Citigroup bank and exchange operator Nasdaq OMX.

And Dmitri Alperovitch, a cybersecurity expert, said he worries that other nations' wholesale theft of business secrets, intellectual property and classified data will not stop because of the steps announced on Thursday.

"It doesn't mean that it's bad. You just have to realize that against the nation-state threat, those things will fail," he said.

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them

Close