The Obama administration will hold a public meeting at the White House on Wednesday to discuss industry and government efforts to combat botnet activity. Among those is a pilot program to share information about botnet victims between banks and Internet service providers, according to sources familiar with the event.
The gathering will draw officials from The White House, US Department of Commerce and Department of Homeland Security, as well as private-sector executives from an entity formed in February called the Industry Botnet Group. The IBG counts among its members trade associations, companies and privacy organizations that are working to create a voluntary model that ISPs can use to notify customers with infected computers.
Although a number of ISPs already notify customers of bot infections, there is no uniform method for reporting these events. Attendees at Wednesday’s meeting are expected to announce — among other things — an information sharing pilot between ISPs and financial institutions that are part of the Financial Services Information Sharing and Analysis Center, an industry consortium dedicated to disseminating data on cyber threats facing banks.
The pilot to be announced this week will draw on a nascent extension of IODEF, an Internet standard developed by the Anti-Phishing Working Group to share data about phishing attacks in a common format that can be processed automatically and across multiple languages.
The event will coincide with a workshop being held Wednesday by the National Institute of Standards and Technology, regarding the technical aspects of botnets.
Botnets are the engines driving nearly all criminal commerce on the Internet today, from spam, to malicious software and e-banking heists. Botnets also are the weapon of choice for launching distributed denial of service (DDoS) attacks aimed at knocking targets offline. In some cases, crooks conducting cyberheists against businesses have been launching DDoS assaults against the victim’s bank — as in the case of account takeovers involving the Gameover Trojan. Prolexic, a company that specializes in tracking and blocking DDoS attacks, recently said it logged an almost threefold increase in the number of attacks against its financial services clients during Q1 compared to Q4 2011.
This Web site has occasionally been the target of DDoS attacks. Last week, an army of more than 120,000 systems attacked KrebsOnSecurity.com, knocking it offline for several hours. Imagine Michigan Stadium entirely filled with sick computers instead of people, and you have some idea of the size of the zombie horde that marched on my site (there would still be about 5,000 to 10,000 computers left without seats).