Botnets are comprised of poorly-secured devices that are connected to the Internet of Things (IoT); the botnets are often used to launch distributed denial of service (DDoS) attacks. The problem is so overwhelming that it makes sense for both the public and private sectors to tackle it from various approaches. Pooling intelligence from the private and public sectors could prevent cybercrime and improve law enforcement.
Government’s Role in Botnet Problem
An advisory group for the U.S. federal government is taking on the challenge of preventing botnets, according to NextGov. The Internet and Communications Resilience Subcommittee of the Homeland Security Department’s National Security Telecommunications Advisory Committee is preparing two reports. The first will focus on how existing technologies can be expanded or improved to prevent personal computers and other technology from being conscripted into botnet armies; the second report will focus on efforts to reduce the number of botnets and their power. Those are ambitious and worthwhile goals.
Unfortunately, the U.S. government can do very little to control all computers and technologies, even if they are within the U.S. borders, and it has little or no control over the computers and technologies that are manufactured and used in other countries. Furthermore, the cyber threat landscape is constantly evolving, so it is difficult for government agencies to adapt quickly, whether through technology solutions or through compliance regulations.
Pressuring Manufacturers to Solve the Botnet Problem
Experts agree that manufacturers should build in better security architecture, and end-users should update their IoT device passwords so that the devices can’t be recruited into a botnet. Government regulations that mandate better built-in security architecture and requiring updated passwords and patches on IoT devices would be helpful. There needs to be a renewed focus on educating members of the public and industry on the imminent dangers that come with living in technology-driven world. However, given that there are millions of IoT devices around the world, government regulations will help only so much; technology solutions that defend against cyber threats are necessary to ensure complete protection from cyber threats.
Botnet Defense Technologies
It is not as if the government has not already invested in cyber security, for many years. The U.S. military has some of the finest cyber security technologies in the world, and many modern technologies were first created by U.S. defense agencies. However, government usually does not build technology solutions; it more often relies on solutions from the private sector. Recently, in fact, a high-profile U.S. Federal Government agency selected Corero’s SmartWall Threat Defense System to protect its network from DDoS attacks.
Although the technology to defend against botnet-driven DDoS attacks already exists, government cannot mandate that all agencies or all companies must deploy DDoS protection technology. However, it is possible that the government may regulate the telecommunications industry to require that Internet Service Providers offer DDoS protection. Most enterprises already expect their ISPs to provide DDoS protection, so in this case the marketplace, rather than government regulations, may drive the adoption of anti-DDoS technology.
For more information, contact us.