The US Government Vs Botnets

U.S. government agencies are working hard to solve the problem of botnets and other cyber threats, and are asking for input from various stakeholders. In July 2017 the National Institute of Standards and Technology (NIST) conducted a Workshop on “Enhancing Resilience of the Internet and Communications Ecosystem.” The proceedings of that workshop were published as NISTIR 8192, “Enhancing Resilience of the Internet and Communications Ecosystem: A NIST Workshop Proceedings.” Then, in early January the US Secretary of Commerce and Secretary of Homeland Security submitted A Report to the President on Enhancing the Resilience of the Internet and Communications Ecosystem against Botnets and Other Automated, Distributed Threats.”

To follow up on that report, which was open to public comments for 30 days, the National Institute of Standards and Technology (NIST) conducted a 2nd workshop, called “Enhancing Resilience of the Internet & Communications.” The workshop was held February 28-March 1 at NIST’s National Cybersecurity Center of Excellence (NCCEO) in Rockville, Maryland.

The workshop discussed substantive public comments, including open issues, on the draft report about actions to address automated and distributed threats to the digital ecosystem as part of the activity directed by Executive Order 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” According to the NIST website, “The Departments of Commerce and Homeland Security seek to engage all interested stakeholders—including private industry, academia, civil society, and other security experts—on the draft report, its characterization of the threat landscape, the goals laid out, and the actions to further these goals.” A final report from the departments of Homeland Security and Commerce, incorporating comments and other feedback received, is due to President Trump on May 11, 2018.

These workshops and reports are important steps in the right direction. It seems quite clear to various stakeholders across industry and government sectors that industry-government collaboration is essential to thwart cyber security threats. For starters, government can walk the talk by implementing best security practices and technologies in its operations, whether at federal or state levels. In addition, government can influence the marketplace via regulations and policies that are designed to make the Internet safer. For example, government may mandate that manufacturers build in tighter security for IoT devices, to make it harder for hackers to recruit those devices into botnets. Another possibility is that the government may impose regulations on Internet service providers, requiring them to provide protection from DDoS attacks, for example.

The Departments of Commerce and Homeland Security response to the Presidents’ Executive Order calls for businesses to improve their resilience to DDoS attacks. Corero released the “Government Response to Rise in IoT DDoS Botnet Threats” Solution Brief to detail how our solutions help our customers defend themselves against all DDoS attacks and to answer business and consumer requests for better protection from cyber threats. In general, businesses and consumers have influenced the marketplace by asking for (or in some ways, demanding) better protection from cyber threats. Competition inspires vendors to offer better solutions, and enterprises to adopt those solutions. For the sake of risk management, many companies have already taken steps to increase cyber security. And many telecommunications companies have responded to the market demand for DDoS protection, by offering DDoS protection as a service to their customers. On the other hand, some enterprises don’t understand the risks of DDoS attacks or take steps to mitigate them; the government can’t regulate or police all enterprises. If a major website gets attacked (perhaps a bank, or a hospital) and it impacts thousands of civilians, then both civilians and the enterprise are victimized. A case in point was the massive DDoS attack against Dyn, which impacted millions of end-users.

It’s crucial that the U.S. government take steps to advance cyber security. It can’t do it alone, however. When safeguarding the Internet for all users, a multi-stakeholder approach is essential. Though the government can help reduce IoT botnets, it cannot completely eliminate them, partly because the U.S. government can’t completely control what manufacturers do and what end-users do, especially in other countries. No one can assume that vendors around the world will bake in better security for IoT devices, or change their default passwords or update devices with security patches. No matter how heavily IoT devices are regulated or how many consumers are educated, millions of such devices around the world will still be unsecured and vulnerable to being recruited into a botnet.

Read Corero’s Government Response to Rise in IoT DDoS Botnet Threats Solution Brief to learn how our DDoS Defense solutions solve the problem of botnet-driven DDoS attacks. We have been a leader in DDoS protection solutions for over a decade, contact us to learn more about how we can help protect your network from all DDoS attacks.