The high-level committee created to give the U.S. government the best possible telecommunications policy advice is preparing two reports on how to protect the government against “zombie” computers, also known as botnets. Botnets are often deployed to launch distributed denial-of-service (DDoS) attacks that swamp websites with so many connection requests they are forced offline.
The Internet and Communications Resilience Subcommittee of the Homeland Security Department’s National Security Telecommunications Advisory Committee (NSTAC) announced that the first study will be delivered to top Commerce Department and DHS officials in October. This report will focus on combating the cyber damage caused by botnets. The second report, which has no announced delivery date, will reportedly have the more ambitious goal of hampering the assembly of botnet armies in the first place.
Botnets are especially insidious because, for the most part, the device owners do not know their devices have been hijacked. For example, the well-publicized Mirai botnet in 2016 was powered largely by thousands of connected devices such as webcams and baby monitors running Linux. Botnets are a difficult challenge because most users fail to follow basic cyber hygiene and most manufacturers fail to “bake” security into networked devices.
A recent article in Federal Computer Week focused on the need for better security standards. Ari Schwartz, former senior director for cybersecurity at the National Security Council, spoke at a recent NIST event about better standards and more automation to fight botnets:
“You’ve got to get the standards in place,” he said. “You’ve got to get people doing it voluntarily and see how that goes for some period of time and then start mandating it as people are not doing it or in the areas they’re not doing it… Education works to some extent, notification works to some extent, but the scale we’re talking about, it’s not going to be the answer,” he said. “So it needs to be more of automated patching in this space.”
There have been some government successes in the botnet battle. In 2011 and 2012 the FBI greatly minimized the damage done by DNSChanger, which redirected the DNS records of over 4 million computers to generate fraudulent advertising revenue for its Estonia-based hackers. In 2012, the FCC released the Anti Bot Code of Conduct, a set of steps ISPs can take to weed out botnets on their networks.
In laying out steps the government can take against botnets, the NSTAC is doing exactly what it was chartered to do. Some of the most successful executives from private technology companies are pooling their expertise for the good of government networks. While none of them are public sector employees, we think they are acting as true GovTransformers!