Senate Hearing on Botnets
On July 15, 2014, Distil Networks attended the Senate hearing “Taking Down Botnets: Public and Private Efforts to Disrupt and Dismantle Cybercriminal Networks” in Washington, D.C., headed by Senator Whitehouse (D-RI) and ranking member Senator Graham (R-SC). This hearing was hosted to provide testimony to the Subcommittee on Crime and Terrorism, which has recently been ramping up efforts to draw attention to both the economic and security threats that bots and botnets pose to the United States and the global community. Testimony was offered by Leslie Caldwell, Assistant Attorney General for the DOJ’s Criminal Division; Joseph Demarest, Jr., Assistant Director to the Cyber Division of the FBI, and several private sector representatives, including Richard Boscovich, Assistant General Counsel for the Digital Crimes Unit of Microsoft; Cheri McGuire, VP of Global Government Affairs & Cybersecurity Policy at Symantec; Craig Spiezle, Executive Director of the Online Trust Alliance; and Dr. Paul Vixie, CEO of Farsight Security.
The Senate Hearing touched largely on the legislative needs of law enforcement to combat bots as well as some of the ways in which private entities have assisted the government in taking down cyber criminals in recent history. Although bots have existed for well over a decade, the scope of what they can accomplish has increased dramatically in the last several years as the internet has become ever more important to the daily lives and operations of both individual people and businesses. Senator Whitehouse expressed the wide-spread concern within Congress that the next 9/11 attack could come in the form of a cyber attack aimed at crucial infrastructure.
Leslie Caldwell and Joseph Demarest both spoke of the recent success inbringing down the Gameover Zeus botnet last month, which infected nearly 1 million computers and resulted in nearly $100 million in financial losses. The creator of the GameOver Zeus botnet, Evgeniy Mikhalilovich Bogachev, has been indicted by the Justice Department for his cybercrimes but still remains free in Russia. However, despite the fact the DOJ and the FBI have nearly disinfected all the computers involved, a new version of the Gameover Zeus bot has been detected. So while the US Senate is working to come up with federal and international ways to speed up the processes needed to identify and take down cyber criminals, the evolution of bots and what they can accomplish is speeding up.
The work of the FBI and the DOJ to detect bot attacks and find those responsible for them has been strengthened through strategic partnerships with private businesses (including those listed as members of the InfraGard network). These businesses typically operate in spheres where they are likely to see this criminal activity occurring and provide vital information to law enforcement officials. Microsoft and Symantec represent the two biggest strategic partners for the government currently with regards to the tracking and remediation of bots.
However, although we were pleased to be in attendance at a public forum where discussion was taking place regarding bot threats, we have three main issues with the current situation surrounding the take-down of bots:
- A legal process at internet speed? – United States legislation is based on numerous concepts that have existed for centuries and it’s no surprise that the lines we usually draw to define certain types of crime need to be extended and reworked to encompass the world that now includes the internet. So how efficient will or can the legal system truly be in providing the protection that’s needed to prevent and deter bot related crime?
- Just what are the proper methods for addressing bot threats? – A lot of collateral damage can occur if sweeping methods for removing bots from the internet are used. There are such things as good bots on the internet that are used in various types of technology. Monitoring cams for seniors with dementia, internet collected alarm systems and multi-player online games are examples of things that were disrupted when the No-IP.com seizure of 22 domain names by Microsoft occurred in June this year as an effort to stop several IP addresses that were spreading malicious software online. At one point during the question and answer period, Dr. Paul Vixie stated that one of the issues contributing to the problem is the fact that many of the technological products on the market are pushed out to consumers before adequate testing has been done. “We have got to test the way the bad guys do,” Vixie said. It seems that now our solutions are reactive in nature and likely to create as much damage as the bots themselves if we don’t think through how bot threats are prevented or deterred.
- Who can you trust? – Although the government’s job generally includes protecting the interests of this country and the safety of its citizens, even they have an agenda when promoting this topic. Politics involves games that many individuals and companies can’t really afford to participate in. Much of the wording used in both the Senate Committees remarks and the testimony of witnesses focused on protecting private citizens from botnets (with almost no discussion at all regarding the threats to online businesses). Let’s face it, talk of cyber attacks is sensational and anxiety-producing in the average citizen who knows absolutely nothing about bots, malicious software or the internet in general. If the average Joe doesn’t know what all that means but is still scared, he’s sure to say “Sure you can tap our phone lines, and why not monitor what my computer is doing while you’re at it.” It’s doubtful that the kinds of efforts really needed to protect businesses and private citizens from bot threats is genuinely going to come from the government alone. But, we are glad that efforts are being made.
One thing we were very pleased to hear at the Senate Committee meeting was an emphasis on the need for more education surrounding bots. Being in this industry, we know that online businesses increasingly and continually find themselves hacked, held ransom, bleeding resources or literally stopped dead in their tracks because of bot cybercrime. We hope that there will in fact be more of an effort by industry leaders to educate US and international enterprises about the bot threats they face and how to protect themselves. As the Internet of Things becomes more of a daily reality for people around the globe, both private individuals and businesses will need to face the challenges that bots pose. Here at Distil Networks, we will continue our work to find ways to protect businesses from the threat of bots, however, we have decided to take a proactive stance and make more educational resources available to raise awareness of bots. Stay tuned for an announcement this coming month for an upcoming webinar series we’re putting together aimed at educating those in different industries on the bots they most need to worry about and how they can protect themselves.
For more information, on the problems that bots pose to businesses refer to the wealth of resources available on the Online Trust Alliance website. If you know you’re interested in protecting your business from bots, Distil Networks offers a comprehensive bot protection and remediation software that proactively guards online websites and business information. Contact us for a free trial and demo.
About the AuthorFollow on Twitter More Content by Courtney Brady