Botnet threats are becoming increasingly sophisticated, which is a large part of why there needs to be broader protection and a set of global standards for cyber security. Most public utilities have laws regarding user’s safety and Internet connectivity should be treated with the same level of concern. Government participation and global cooperation are necessary to develop an effective overall Internet security policy. A minimum security bar that would give users the correct assumption that if the standards are met on their PC that they can safely operate their PCs free from concern of being attacked, regardless of which carrier they use.
Countries such as Australia, Germany and Japan are implementing security programs and dictating laws to protect their e-citizens. While individual government efforts are a hopeful step, global cooperation, implementation, and enforcement are key to securing the Internet. One of the benefits of the Internet is that it has no borders, so how can its regulations?
Recent announcements reported that the FCC is becoming more involved and would be an excellent agency to implement and enforce these laws within the USA. The Obama administration is reviewing Australia’s cyber security program and is implementing a number of initiatives that suggest ISPs take responsibility for their customer’s protection.
The Messaging Anti Abuse Working Group (MAAWG) is also a noteworthy resource that gathers and analyzes botnet information and statistics from a variety of organizations for its members. MAAWG would be a good place to focus research and could potentially contribute a large sample base to provide a more complete view and better understanding of the threat landscape.
Calls to action are being answered by ISPs and governments and it looks like the Internet is going to have safety standards similar to all public utilities. The next step is uniting governments and security groups around the world to aggregate and analyze malware information, dictate global security standards, and enforce cyber laws to generate the best possible threat intelligence.