Security

The 6 reasons why we've failed to stop botnets

A joint report from the Department of Commerce and the Department of Homeland Security says fighting botnets requires industry and government collaboration.

A joint report issued Wednesday by the Department of Homeland security and the Department of Commerce aims to outline a path to defeating botnets, but it will be no small task.

The report, which was issued as a response to an earlier executive order requesting ways to enhance distributed attack resilience, said that fighting botnets is a task that doesn't end with its publication. "There is much work to do," the report summarizes.

The report said that challenges to reducing distributed threats can be summarized in six principal themes and also provided five goals it believes are an essential part of improving resilience.

The six ways botnet prevention fails

If it's possible to boil down six principal themes into one statement these could be accurately summarized as a cry for improved collaboration. Not only does the report want to improve communication between industry and government, but between industry members and among their employees as well.

  1. The US is often hit by botnets from overseas: The majority of botnets originate outside of the US, the report said. Increasing resilience against these sorts of attacks requires close collaboration with international allies.
  2. Prevention tools aren't being used: Some market sectors are using publicly available tools to combat distributed attacks, but most don't know the tools even exist. Lack of awareness, prohibitive cost, lack of market incentives, and lack of technical expertise are listed as reasons why tools go underutilized.
  3. Hardware security needs to be lifecycle-long: Too many devices are made vulnerable to hijacking due to being out of vendor support, unpatched, or vulnerable when released for sale.
  4. User education on distributed threats is lacking: The report said that many home and business users are unaware of the threat of botnets and how to prevent them.
  5. Market incentives to build secure products aren't there: "Product developers, manufacturers, and vendors are motivated to minimize cost and time to market, rather than to build in security or offer efficient security updates," the report said, adding that incentives need to shift toward a compromise between cost and security.
  6. The problem is ecosystem-wide: No one actor, part of the industry, or government agency can stop this problem: It exists because there's no network in place to prevent it.

Five ways to improve distributed attack resiliency

The DoC/DHS report is primarily concerned with creating a collaboration framework between the federal government and the tech industry, and the five goals it puts forward to improve botnet resiliency are all indicative of that:

  1. Identify a clear pathway toward an adaptable, sustainable, and secure technology marketplace.
  2. Promote innovation in the infrastructure for dynamic adaptation to evolving threats.
  3. Promote innovation at the edge of the network to prevent, detect, and mitigate automated, distributed attacks.
  4. Promote and support coalitions between the security, infrastructure, and operational technology communities domestically and around the world.
  5. Increase awareness and education across the ecosystem.

Individual organizations wondering what they can do to protect themselves from botnets and other distributed attacks won't find advice in the DoC/DHS report.

SEE: Network security policy (Tech Pro Research)

That doesn't mean the government doesn't have advice for private organizations looking to improve their cybersecurity posture, of which distributed attack defense is part. Those looking for less macroscopic advice can turn to the NIST cybersecurity framework published last year.

The big takeaways for tech leaders:
  • The Department of Commerce and Department of Homeland Security have issued a joint report stating that much more needs to be done to improve distributed attack resiliency in the US.
  • The report recommends five goals for improving distributed attack security, all of which focus on collaboration and initiatives between government and the tech industry.

Also see

botnet.jpg
Image: iStock/bagotaj

About Brandon Vigliarolo

Brandon writes about apps and software for TechRepublic. He's an award-winning feature writer who previously worked as an IT professional and served as an MP in the US Army.

Editor's Picks

Free Newsletters, In your Inbox