About Us Membership Resources OTA Members Login
Anti-Malvertising  l   Data Breach   l   DNSSEC  l   Email Authentication    I    EV SSL Certs   l    BOTNETS    l   

What is a Bot?  l  Best Practices  l  How You Can Fight Botnets   l    Resources   l  


Botnet Remediation Best Practices   Remediation Resources - October 1, 2013

Botnet Remediation Best Practices (ppt)  (recorded webinar, registration required) - October 4, 2013 

Risk Evaluation Framework for Hosters & Cloud Service Providers Presentation

Combatting Botnets Through User Notification Across the Ecosystem - December 10, 2012

The Online Trust Alliance is working with key stakeholders in the public and private sectors to address the threats resulting from bots.  Towards this goal OTA has created a multi-stakeholder botnet taskforce. The strategy is to focus on a holistic view, including prevention, detection and remediation.  OTA efforts include working with law enforcement, ISPs and web site hosting companies in take-down efforts, promoting best practices to reduce the distribution of bots and aiding users to reduce the vulnerability attack surface.  In addition OTA, is working throughout the ecosystem to promote teachable moments to help users to harden their systems and device's defenses and to provide resources to businesses, governments and users to help remove bots and prevent them from reoccurring.  OTA is a member of the FCC CSRIC efforts which recently released its Anti-Botnet ISP Voluntary Code of Conduct and the FS-ISAC.  See Video from the White House recognizing OTA and other organizations.

OTA Botnet EcoystemThe growth of bot-infected end-user devices represents a significant threat to the vitality and resiliency of the Internet and to the digital economy.  Bots are a global problem requiring the entire ecosystem to work together.  As a global organization, OTA members recognize a shared responsibility as bots threaten to undermine online trust and confidence underlying the foundation of the digital economy.

Bots risk compromising sensitive and personal data from consumers as well as businesses and government agencies, which can lead to online fraud and hijacking of online accounts impacting commerce and banking sites worldwide.  They can lead to attacks against public and private networks, and exploitation of end-users’ computing power and Internet access.  The growth and the sophistication of bots have spread from the PC to all platforms (Windows, Linux and Mac OS), mobile devices and smartphones to critical infrastructure.

What is a Bot?
A "bot" or "botnet" refers to a program that is installed on a system in order to enable that system to automatically (or semi-automatically) perform a task or set of tasks typically under the command and control of a nefarious remote administrator, or "bot master."   Such bots may have been installed surreptitiously without the user's understanding or knowledge and often installed, unknowingly as part of another download or prompted user interaction.   Bots present a major problem for a number of reasons.  First, these bots can be used to send spam, in some cases very large volumes of spam, including deceptive and or malicious email.  Bots can act as platforms for directing, participating in, or otherwise conducting attacks on critical Internet infrastructure, including the distribution of key-loggers and spyware.  Bots are frequently used as part of coordinated Distributed Denial of Service (DDoS) attacks motivated by criminal, political, or other goals.  

OTA ANTI-BOTNET EFFORTS

OTA Releases Remediation White Paper & Resources - October 1, 2013 

OTA Releases Anti-Botnet Notification White Paper (December 10, 2012)

OTA Joins White House in National Effort to Help Protect Citizens and Online Commerce from the Threats of Botnets - May 30, 2012

Video of White House Botnet Initiative - May 30, 2012

OTA joins Industry Botnet Group (IBG)  - May 30, 2012

OTA Releases Recommendation to Businesses to Help Curb Spread of Botnets & Online Threats - March 29, 2012

OTA Press Release - 51% of US Households Are being Protected - March 29, 2012

OTA's recommendations to help prevent, detect & remediate the threats of botnets - Nov 14, 2011


How can you (and your business) help curb the spread of botnets and malware?

The two major attack vectors of bots and malware are spoofed and forged email and compromised site content and advertising (malvertising). Fortunately there are simple non-proprietary solutions which businesses and government agencies can deploy today to help counter and block these threats.  OTA and our members provide resources, deployment guides and training to accelerate the adoption of best practices and voluntary guidelines.

Harden your systems - Advice for Businesses & Consumers
Bots impact every user from the casual home user, to businesses and government agencies worldwide.  They are able to proliferate as a result of a combination of vulnerabilities and by socially engineered exploits.

  • Set all systems to automatically download and install patches

  • Install and update anti-virus software and solutions

  • Utilize a third party solution to automatically scan and update all applications, extensions and add on's.

  • All banking and commerce sites update to Always On SSL, to encrypt user log ins and communications to help prevent online snooping and capturing of log on credentials.

  • Authenticate Your Email & Domains with SPF, DKIM & DMARC
    Authentication is a widely accepted best practice to help prevent the delivery of spoofed and forged email.


PUBLIC SECTOR / U.S. GOVERNMENT INITIATIVES

Federal Communication Commission - Communications Security, Reliability and Interoperability Council's (FCC CSRIC)  
   Voluntary Code of Conduct for ISPSs - Anti-Botnet Code of Conduct - (PDF of code March 22)

    FCC CSRIC III - Final Reports FCC Release  

U.S Commerce Department - National Institute of Standards and Technology (NIST)
Models To Advance Voluntary Corporate Notification to Consumers Regarding the Illicit Use of Computer Equipment by Botnets and Related Malware.  Request for Comments :

OTA's recommendations to help prevent, detect & remediate the threats of botnets (Nov 14, 2011)

Summary of Submissions to NIST (Nov 14, 2011)


RELATED EFFORTS & RESOURCES

Tools & Resources

Microsoft - Botnet Overview

Microsoft Safety Scanner - The Microsoft Safety Scanner (MSS) is a free downloadable security tool that provides on-demand scanning and helps remove viruses, spyware, and other malicious software. It works with your existing antivirus software. Note: The MSS is not a replacement for using an antivirus software program that provides ongoing protection.

Microsoft Malicious Software Removal Tool (MSRT) - Checks computers running for infections by specific, prevalent malicious software and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malware was detected and removed.

PayPal - Security Center

Symantec - Security Resource Center

Norton Power Eraser

Organizations & Third Party Sites

Department of Homeland Security - Stop. Think. Connect. Campaign

European Network & Information Security Agency (ENISA)  Botnets: Measurement, Detection, Disinfection and Defense (March 2011)

FCC Cybersecurity Center

IETF - Recommendations for the Remediation of Bots in ISP Networks

International Telecommunication Union  (ITU) - Botnet Remediation Toolkit to help deal with the growing problem of botnets. The toolkit draws on existing resources, identifies relevant local and international stakeholders, and takes into consideration the specific constraints of developing economies.

National Cyber Security Alliance - Botnets 101

StopBadware.org Helps make the Web safer through the prevention, mitigation, and remediation of badware websites.


Listing of companies and third parties is not an endorsement by OTA or its' members and is provided for information purposes and is current at time of publishing.  To suggest updates, please email admin @ otalliance.org,

Revised 4/2/2014