According to the Online Trust Alliance (OTA), more than 10% of computers in the U.S. are infected by bots, malicious programs designed to steal passwords, send spam and create all sorts of other mischief on the web. But the OTA isn’t sitting idly by. In conjunction with the Federal Communications Commission (FCC), the OTA joined a unanimous vote yesterday to approve a new U.S. Anti-Bot Code of Conduct for Internet Service Providers (ISPs).
The new code, also dubbed the ABCs for ISPs, is part of a broader push by the FCC to involve Internet providers in proactive cybersecurity measures. Last month, FCC chairman Julius Genachowski hosted a panel on the topic outlining three major cybersecurity threats: bot networks (botnets), domain name fraud, and Internet route hijacking.
Yesterday, an FCC advisory committee – the Communications, Security, Reliability, and Interoperability Council (CSRIC) – agreed on three codes of conduct. In addition to the ABCs for ISPs, the committee also voted on a DNS Best Practices code, and an IP Route Hijacking Industry Framework.
On the botnet front, yesterday’s vote revealed for the first time the steps the FCC and the OTA would like ISPs to take in countering bot attacks. The code they introduced is voluntary for ISPs, but future OTA reports will highlight which service providers are supporting the code as part of their cybersecurity efforts. The OTA notes that Comcast and CenturyLink are already participating in the program. AT&T, Cox, Sprint, Time Warner Cable, and Verizon have all pledged to follow the code as well.
The new Anti-Bot Code of Conduct focuses on five key areas: education, detection, notification, remediation, and collaboration. ISPs must “take meaningful action” in each area, as defined below, in order to participate.
- Education - an activity intended to help increase end-user education and awareness of botnet issues and how to help prevent bot infections;
- Detection - an activity intended to identify botnet activity in the ISP's network, obtain information on botnet activity in the ISP's network, or enable end-users to self-determine potential bot infections on their end-user devices;
- Notification - an activity intended to notify customers of suspected bot infections or enable customers to determine if they may be infected by a bot;
- Remediation - an activity intended to provide information to end-users about how they can remediate bot infections, or to assist end-users in remediating bot infections;
- Collaboration - an activity to share with other ISPs feedback and experience learned from the participating ISP's Code activities.