ISPs Signal Support For Anti-Bot Code Of Conduct

Type threatpost
Reporter Paul Roberts
Modified 2013-04-17T16:32:34


The U.S.’s leading Internet Service Providers signed on to a new Federal Communications Commission code of conduct to limit the impact of major cyber security threats including botnets, attacks on the Domain Name System (DNS) and Internet routing attacks.

AT&T, CenturyLink, Comcast, Cox, Sprint, Time Warner Cable, T-Mobile and Verizon were among the ISPs that signed on to a voluntary agreement with the FCC’s Communications Security, Reliability and Interoperability Council (CSRIC).

“The recommendations approved today identify smart, practical, voluntary solutions that will materially improve the cyber security of commercial networks and bolster the broader endeavors of our federal partners,” said FCC Chairman Julius Genachowski.

The agreement comes after a call by the FCC Chairman last month that urged the Internet community to find industry-led solutions to Internet security problems, in lieu of regulation. The call followed warnings from security experts and Congress for more coordinated action against threats such as botnets and attacks on Internet pillars such as the Domain Name System (DNS).

In recent months, private firms including Microsoft, Kaspersky and FireEye have teamed with law enforcement and ISPs to take down prominent botnets including Kelihos and Rustock.

The new Anti-Bot Code of Conduct asks ISPs to take steps to detect botnet activity on their networks, help customers identify when their computer is bot-infected and offer them assistance in disinfecting it.

For the DNS code of conduct, CSRIC is asking ISPs to implement best practices to better secure the Domain Name System. The recommendation falls short of calling for full implementation of DNSSEC. Instead, CSRIC asks for a “first step” towards DNSSEC that will allow users, with software applications like browsers, to validate that the destination they are trying to reach is authentic.

On the issue of Internet route hijacking, CSRIC recommends an industry framework that allows ISPs to work together to implement new technologies and practices to reduce the number of attacks on the routing infrastructure.

Though lower profile than problems like botnets and DNS hijacking, Internet route hijacking is potentially more harmful. In April 2010, for example, reports surfaced about suspicious changes to Internet routing tables that had the result of redirecting a large volume of Internet traffic through infrastructure operated by a Chinese ISP.

The new code of conduct hopes to make the U.S. “more confident that their Internet traffic will not be exposed to scrutiny by other networks, foreign or domestic, through misrouting,” the FCC statement said.

Chairman Genachowski strongly reiterated that privacy must not be compromised for the sake of security. He also announced that CSRIC is being tasked with preparing future recommendations to ensure that the best practices endorsed today will protect the privacy of Internet users.

“Today is an example of the importance of self-regulatory efforts to help improve the safety and performance of the internet,” said Craig Spiezle, executive director and president, Online Trust Alliance, in a published statement. “Sustainable solutions to contain bots must include all stakeholders in efforts to detect, prevent, and remediate these threats.”