The Online Trust Alliance is working with key stakeholders in the public and private sectors to address the threats resulting from bots. Towards this goal OTA has created a multi-stakeholder botnet taskforce. The strategy is to focus on a holistic view, including prevention, detection and remediation. OTA efforts include working with law enforcement, ISPs and web site hosting companies in take-down efforts, promoting best practices to reduce the distribution of bots and aiding users to reduce the vulnerability attack surface. In addition OTA, is working throughout the ecosystem to promote teachable moments to help users to harden their systems and device's defenses and to provide resources to businesses, governments and users to help remove bots and prevent them from reoccurring. See Video from the White House recognizing OTA and other organizations.
The growth of bot-infected end-user devices represents a significant threat to the vitality and resiliency of the Internet and to the digital economy. Bots are a global problem requiring the entire ecosystem to work together. As a global organization, OTA members recognize a shared responsibility as bots threaten to undermine online trust and confidence underlying the foundation of the digital economy.
Bots risk compromising sensitive and personal data from consumers as well as businesses and government agencies, which can lead to online fraud and hijacking of online accounts impacting commerce and banking sites worldwide. They can lead to attacks against public and private networks, and exploitation of end-users’ computing power and Internet access. The growth and the sophistication of bots have spread from the PC to all platforms (Windows, Linux and Mac OS), mobile devices and smartphones to critical infrastructure.
OTA ANTI-BOTNET RESOURCES
OTA / Distil Networks Bad Bot Landscape Presentation (PDF) / Recorded Webinar - May 28, 21014
OTA joins Industry Botnet Group (IBG)
How can you (and your business) help curb the spread of botnets and malware?
What is a Bot?
A "bot" or "botnet" refers to a program that is installed on a system in order to enable that system to automatically (or semi-automatically) perform a task or set of tasks typically under the command and control of a nefarious remote administrator, or "bot master." Such bots may have been installed surreptitiously without the user's understanding or knowledge and often installed, unknowingly as part of another download or prompted user interaction. Bots present a major problem for a number of reasons. First, these bots can be used to send spam, in some cases very large volumes of spam, including deceptive and or malicious email. Bots can act as platforms for directing, participating in, or otherwise conducting attacks on critical Internet infrastructure, including the distribution of key-loggers and spyware. Bots are frequently used as part of coordinated Distributed Denial of Service (DDoS) attacks motivated by criminal, political, or other goals. The two major attack vectors of bots and malware are spoofed and forged email and compromised site content and advertising (malvertising). Fortunately there are simple non-proprietary solutions which businesses and government agencies can deploy today to help counter and block these threats. OTA and our members provide resources, deployment guides and training to accelerate the adoption of best practices and voluntary guidelines.
Harden your systems - Advice for Businesses & Consumers
Bots impact every user from the casual home user, to businesses and government agencies worldwide. They are able to proliferate as a result of a combination of vulnerabilities and by socially engineered exploits.
- Set all systems to automatically download and install patches
- Install and update anti-virus software and solutions
- Utilize a third party solution to automatically scan and update all applications, extensions and add on's.
- All banking and commerce sites update to Always On SSL, to encrypt user log ins and communications to help prevent online snooping and capturing of log on credentials.
- Authenticate Your Email & Domains with SPF, DKIM & DMARC
- Authentication is a widely accepted best practice to help prevent the delivery of spoofed and forged email.
PUBLIC SECTOR / U.S. GOVERNMENT INITIATIVES
Federal Communication Commission - Communications Security, Reliability and Interoperability Council's (FCC CSRIC)
Voluntary Code of Conduct for ISPSs - Anti-Botnet Code of Conduct - (PDF of code March 22)
U.S Commerce Department - National Institute of Standards and Technology (NIST)
Models To Advance Voluntary Corporate Notification to Consumers Regarding the Illicit Use of Computer Equipment by Botnets and Related Malware. Request for Comments :
OTA's recommendations to help prevent, detect & remediate the threats of botnets (Nov 14, 2011)
Summary of Submissions to NIST (Nov 14, 2011)
RELATED EFFORTS & RESOURCES
Microsoft Safety Scanner - The Microsoft Safety Scanner (MSS) is a free downloadable security tool that provides on-demand scanning and helps remove viruses, spyware, and other malicious software. It works with your existing antivirus software. Note: The MSS is not a replacement for using an antivirus software program that provides ongoing protection.
Microsoft Malicious Software Removal Tool (MSRT) - Checks computers running for infections by specific, prevalent malicious software and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malware was detected and removed.
PayPal - Security Center
Norton - Security Resource Center
Organizations & Third Party Sites
European Network & Information Security Agency (ENISA) Botnets: Measurement, Detection, Disinfection and Defense
International Telecommunication Union (ITU) - Botnet Remediation Toolkit to help deal with the growing problem of botnets. The toolkit draws on existing resources, identifies relevant local and international stakeholders, and takes into consideration the specific constraints of developing economies.
StopBadware.org Helps make the Web safer through the prevention, mitigation, and remediation of badware websites.
Listing of companies and third parties is not an endorsement by OTA or its' members and is provided for information purposes and is current at time of publishing. To suggest updates, please email admin @ otalliance.org.