Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

5/30/2012
04:00 PM
50%
50%

Obama Administration Partners With Industry To Fight Botnets

At a White House event Wednesday, officials unveiled a series of initiatives meant to fight botnet infections

The U.S. government announced a series of initiatives today in partnership with the private sector to fight botnet activity.

The initiatives, which were announced at an event at the White House, are the result of a partnership between the Homeland Security and Commerce departments, the White House Cybersecurity Office, and a coalition of trade associations and nonprofits known as the Industry Botnet Group (IBG).

"Cybersecurity is a shared responsibility -- the responsibility of government, our private sector partners, and every computer user," said Janet Napolitano, Secretary of Homeland Security, in a statement. "DHS has set out on a path to build a cyber system that supports secure and resilient infrastructure, encourages innovation, and protects openness, privacy and civil liberties."

As part of the effort, the Financial Services Information Sharing and Analysis Center (FS-ISAC) is working on a pilot program to share information about botnet attacks this year with organizations and people outside of the financial sector. Officials also announced the FBI and U.S. Secret Service have recently stepped up information-sharing with the private sector and have worked together to shut down botnets, such as Coreflood.

[ Efforts are under way to get more accurate accounting of bot-infected machines. See How To Better Measure Botnet Size. ]

The other initiatives detailed today include the efforts of IBG, which launched a consumer education campaign called "Keep a Clean Machine" and released its "Principles for Voluntary Efforts to Reduce the Impact of Botnets in Cyberspace."

These principles call on Internet users to voluntarily:

● share cyber-responsibilities by employing reasonable technologies to thwart the effectiveness of botnets across all phases of the mitigation life cycle: prevention, detection, notification, remediation, and recovery;

● coordinate across sectors in order to better analyze, prevent, and combat threats;

● confront the problem globally through cross-border collaboration;

● report lessons learned with partners in the Internet ecosystem;

● educate users by making information and resources available to them;

● preserve flexibility for responses by different entities to an ever-evolving threat environment;

● promote innovation to foster technological advances;

● respect privacy; and

● navigate the complex legal environment.

"It takes a global village, with all the suppliers involved, to fight bots," said Michael O'Reirdan, chairman of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), in a statement. "The only way to effectively protect consumers is for the operators, vendors and other participants serving the Internet ecosystem to recognize their shared responsibility in addressing the problem and then integrate the appropriate defenses into their daily business practices. The IBG principals encourage the industry to be assertive and acknowledge the problem, cooperate, coordinate and be flexible in their responses."

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
macker490
50%
50%
macker490,
User Rank: Ninja
5/31/2012 | 11:35:57 AM
re: Obama Administration Partners With Industry To Fight Botnets
must take EFFECTIVE action: block the path via which hackers install their malware into their victims' computers.

this means studying the Apple Model:
but your choices are limited to apps that both Apple has approved, and
which can function without GrootG or GadministratorG privileges.Gǥ

this means incorporating tools such as Microsoft's AppLocker

i.e. to stop hacking you must take control over the software

running apps that have root or administrator privilege is an invitation to trouble. it expands the attack surface to include all such apps making defense difficult if not infeasible
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36124
PUBLISHED: 2021-05-07
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by XML External Entity (XXE) injection. An authenticated attacker can compromise the private keys of a JWT token and reuse them to manipulate the access tokens to access the platform as any desired user (clients and administrators).
CVE-2020-36125
PUBLISHED: 2021-05-07
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by incorrect access control where password revalidation in sensitive operations can be bypassed remotely by an authenticated attacker through requesting the endpoint directly.
CVE-2020-36126
PUBLISHED: 2021-05-07
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by incorrect access control that can lead to remote privilege escalation. PAXSTORE marketplace endpoints allow an authenticated user to read and write data not owned by them, including third-party users, application and payment term...
CVE-2020-36127
PUBLISHED: 2021-05-07
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by an information disclosure vulnerability. Through the PUK signature functionality, an administrator will not have access to the current p12 certificate and password. When accessing this functionality, the administrator has the opt...
CVE-2020-36128
PUBLISHED: 2021-05-07
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing vulnerability. Each payment terminal has a session token (called X-Terminal-Token) to access the marketplace. This allows the store to identify the terminal and make available the applications distributed by its ...