M3AAWG to Aggregate First ISP Bot Stats in Support of FCC Cybersecurity Efforts

San Francisco, Feb. 21, 2012 – The first program to report the number of bots logged by ISPs and network operators is being organized by the Messaging Anti-Abuse Working Group (M3AAWG) as part of a voluntary joint industry-government council under the U.S. Federal Communications Commission. The M3AAWG bot metrics report will include the only data aggregated directly from network operators and will be released later this year, according to Michael O’Reirdan, M3AAWG Chairman. The project is being developed in conjunction with the CSRIC Botnet Remediation Working Group 7, also chaired by O’Reirdan, as part of the FCC’s private industry-government cooperative to enhance online security. FCC Chairman Julius Genachowski will outline the work of the Communications Security, Reliability and Interoperability Council (CSRIC) in a speech on cybersecurity Feb. 22 at the Bipartisan Policy Center in Washington, D.C. A bot is malicious code or a virus downloaded to end-users’ computers without their knowledge. Bots on individual computers are strung together into covert networks, called “botnets,” and controlled by cybercriminals for illicit purposes, such as stealing personal identity information, sending spam, launching website attacks and other fraudulent activities. The new CSRIC-requested report will measure the number of bot-infected users each quarter and participation is voluntary. The data will be reported only as a total calculation and the contributing operators will not be identified, according to O’Reirdan. Network operators can participate by contacting M3AAWG through the organization’s website at www.M3AAWG.org/contact. M3AAWG has issued a similar quarterly spam metrics report since 2007 with data on the volume of abusive email identified by network operators. That report has consistently shown that mailbox providers stop almost 90 percent of spam before it reaches end-users’ inboxes. The CSRIC Working Group 7, which includes numerous M3AAWG member companies, is developing bot remediation practices outlining how ISPs should remove malware from end-users computers and the metrics to measure the industry’s progress in cleaning up the Internet. O’Reirdan has been actively directing M3AAWG efforts to aggressively tackle malware and was appointed to chair the related FCC CSRIC working group last year. The Messaging Anti-Abuse Working Group recently changed its name to M3AAWG – or M3 for Messaging, Malware and Mobile – because it wants to encourage the cooperation among experts in these areas that is necessary to better protect end-users. About the Messaging Anti-Abuse Working Group (MAAWG) The Messaging Anti-Abuse Working Group (M3AAWG) is where the messaging industry comes together to work against spam, malware, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) – or M3 for Messaging, Malware and Mobile – represents more than one billion mailboxes from some of the largest network operators worldwide. It is the only organization addressing messaging abuse by systematically engaging all aspects of the problem, including technology, industry collaboration and public policy. M3AAWG leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services, including mobile. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is an open forum driven by market needs and supported by major network operators and messaging providers. # # # Media Contact: Linda Marcus, APR, 1-714-974-6356, LMarcus@astra.cc, Astra Communications MAAWG Board of Directors: AOL; AT&T (NYSE: T); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (CTCT); Cox Communications; Damballa, Inc.; Eloqua; Facebook; France Telecom (NYSE and Euronext: FTE); La Caixa; Message Bus; PayPal; Return Path; Time Warner Cable; Verizon Communications; and Yahoo! Inc. MAAWG Full Members: 1&1 Internet AG; Adaptive Mobile Security LTD; BAE Systems Detica; Cisco Systems, Inc.; Dynamic Network Services Inc.; Email Sender and Provider Coalition; Experian CheetahMail; Genius.com; iContact; Internet Initiative Japan, (IIJ NASDAQ: IIJI); MailUp; McAfee Inc.; Message Systems; Mimecast; MXTools; Proofpoint (everyone.net); Scality; Spamhaus; Sprint; Symantec; and Trend Micro, Inc. A complete member list is available at http://www.M3AAWG.org/about/roster.