The U.S. Departments of Homeland Security and Commerce are working on a White Paper to be presented to the President later this year on enhancing the resilience of the Internet against Botnets and Distributed Attacks. They released a draft last Friday and are currently inviting comments until February 12, 2018.
The Obama administration initiated the process in May 2011 with an Executive Order, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. That order asked the Homeland Security and Commerce Departments to lead an open process “to identify and promote action” on the steadily increasing threats posed by automated and distributed attacks.
The report also laid out six main themes in identifying the challenges and suggesting opportunities for how to significantly reduce threats from automated, distributed attacks, in particular botnets. The themes are:
- Automated, distributed attacks are a global problem.
- Effective tools exist, but are not widely used.
- Products should be secured during all stages of the lifecycle.
- Education and awareness is needed among home and business customers.
- Market incentives are misaligned, and should focus more on security than cost savings.
- Automated, distributed attacks are an ecosystem-wide challenge, requiring a diverse robust response to their mitigation.
The government draft paper stresses the urgent need for working partnerships across the public and private sectors, and defines five goals and suggested activities “intended to dramatically reduce the threat of automated, distributed attacks and improve the resilience of the ecosystem”.
The five goals are:
Goal 1: Identify a clear pathway toward an adaptable, sustainable, and secure technology marketplace
Goal 2: Promote innovation in the infrastructure for dynamic adaptation to evolving threats
Goal 3: Promote innovation at the edge of the network to prevent, detect, and mitigate bad behavior
Goal 4: Build coalitions between the security, infrastructure, and operational technology communities domestically and around the world
Goal 5: Increase awareness and education across the ecosystem
Following the comments period, the National Institute of Standards and Technology (NIST) will hold a workshop to discuss unresolved comments and next steps for the Report. The final White Paper will be submitted to the President on or before May 11, 2018.