We’ve known for a long time that botnets are the Madwoman in the Attic at most major Internet service providers (ISPs)- an unseemly and occasionally embarrassing presence that is occasionally dealt with, but usually silently tolerated. But now, it seems, there’s pressure mounting on ISPs to do something about the endemic botnet operations that are leveraging their global networks to spew spam, carry out denial of service attacks and push malware.
As Threatpost reported yesterday, Microsoft is pushing the idea of a global “health certificate” that computers would need to present to connect to the Internet. Now Brian Krebs at Krebsonsecurity.com is reporting that the FCC is considering taking a more activist role, pushing U.S. ISPs to respond quickly to reports of botnets operating on their networks. Krebs reports on a conversation with Jeffery Goldthorp, the FCC’s Associate Bureau Chief in the Public Safety & Homeland Security Bureau about the ideas that the agency is considering for its Cybersecurity Roadmap, due out in January, 2011.
Goldthorp tells Krebs that the agency is considering instituting a kind of “code of conduct” for ISPs.
“ISPs could opt-in to or not, basically a standard of behavior for ISPs to follow when they find that a user of theirs has been infected…The goal of that would be to clean up the consumer and residential networks,” he’s quoted saying.
Read the rest of the article on Krebsonsecurity.com.