X

White House prepares to convene anti-botnet summit

At an event Wednesday morning in Washington, D.C., industry representatives will announce plans to fight back against botnets, which have become the Internet's leading security threat.

Declan McCullagh Former Senior Writer
Declan McCullagh is the chief political correspondent for CNET. You can e-mail him or follow him on Twitter as declanm. Declan previously was a reporter for Time and the Washington bureau chief for Wired and wrote the Taking Liberties section and Other People's Money column for CBS News' Web site.
See full bio
Declan McCullagh
2 min read
Over half of computers infected by the Flashback Trojan malware are in the United States, according to Russian antivirus company Dr. Web.
Over half of computers infected by the Flashback Trojan malware are in the United States, according to Russian antivirus company Dr. Web. Dr. Web

The White House is planning to convene a cybersecurity summit Wednesday morning to discuss ways to counter botnets, which have emerged as the leading Internet security threat.

Industry representatives are planning to announce a nine-point plan that includes sharing more information about identifying botnets -- and how to help their customers remove the malware from their computers.

The forum, which will be closed to the press but Webcast on the White House Web site starting at 5:30 a.m. PT, will be hosted by Howard Schmidt, who said earlier this month he will retire after three years as cybersecurity coordinator. Homeland Security Secretary Janet Napolitano and NIST director Patrick Gallagher are also expected to attend.

Criminals, including organized crime groups in non-U.S. countries, have had remarkable success in turning computers -- mostly Windows PCs but not always -- into unwitting members of botnets.

In March, Microsoft and financial services organizations, with an escort of U.S. Marshals, seized command-and-control servers allegedly used to steal more than $100 million using an estimated 13 million computers infected with the Zeus malware. A month earlier, the Kelihos botnet -- which could send an estimated 3.8 billion spam e-mails a day -- resurfaced after Microsoft and Kaspersky Lab took it offline. Another counterattack appeared to have more success.

Botnet authors are becoming more savvy. McAfee, which is sending co-president Michael DeCesare to the White House event, recently identified malicious botnet code posted on the Pastebin file-sharing site. The botnet application took pains to conceal its existence from tools like Wireshark that could be used to detect what packets are traveling over the network connection.

In a blog post last week, Schmidt wrote that he will be hosting "government and industry executives to announce efforts to address one of the biggest risks to Internet security: botnets. We will showcase industry's collaborative work to develop solutions to counter botnet threats."

An alliance of primarily trade associations called the Industry Botnet Group, which includes the Financial Services Roundtable, the Business Software Alliance, large cable providers, and other Internet service providers, are planning to elaborate on their plans for information-sharing at tomorrow's White House event.

One point they're planning to stress, especially in the wake of the outcry over a cybersecurity bill called the Cyber Intelligence Sharing and Protection Act, is that any increased monitoring for botnets will not invade their customers' privacy. Comcast said in 2010 that would begin offering all of its Internet customers a free service that alerts them if their computer appears to be infected with botnet malware.

CISPA, which would allow but not require companies to release confidential customer data, has sat moribund in the U.S. Senate after the Obama administration threatened a veto last month on privacy grounds.