White House cyber czar launching war on botnets

White House Cybersecurity Coordinator Howard Schmidt knows the cyber threat is an amorphous landscape that’s constantly changing, requiring him to always be reevaluating where to direct his most powerful resources. The latest foes in his crosshairs are botnets, and he’s convening federal agencies, private companies and other stakeholders to figure out the best way to deal with the threat.

Botnets – legions of computers that have been compromised and remotely controlled by hackers to carry out malicious activities – are one of the most common tools of the cyber crime trade. They’re also now the target of a federally led working group joining forces to create a unified cybersecurity front. But developing policies to govern an approach to combat them is going to be difficult.

“There’s been a lot of discussion about botnets…trying to identify how many are out there, what they’re doing, what they could do and what the impact could be. I’ve asked my office to engage in a private-public partnership to enhance the nation’s cybersecurity by fighting against bot networks,” Schmidt said April 11 at the McAfee Public Sector summit in Arlington, Va. “We’re teaming U.S. internet service providers, search engines, internet vendors, privacy rights advocates and groups and trade associations to tackle this on all fronts. We’re working on developing best practices and an industry code of conduct within the next 90 days.”

Schmidt said the group currently has four main goals: to develop principles for addressing the botnets; establish high-level strategies to increase public awareness on the botnets; leverage available consumer-focused information tools and resources to prevent the botnets from the beginning; and identify ways of measuring progress.

“A lot of times when we talk about this, it means different things to different people. It’s really tough to say, ‘How many resources are being put into it, and what place do we need to put them into?’” he said.

Botnets are an incredibly widespread, but still shadowy, problem in cybersecurity; currently most crime using botnets involves theft and fraud, sources say it’s possible they’ll be used for more destructive crimes in the U.S. It’s widely suspected that botnets were used in the cyber war that took down Estonian government, newspaper, banks and other websites in 2007.

The danger to the U.S. is imminent, especially as the government looks toward high-tech solutions and practices – such as the bring-your-own-device model that’s currently a hot topic inside the Beltway.

“We’re looking at what [botnets] might do to a business’s infrastructure, to personally identifiable information – identity theft, credit card fraud, et cetera – but it goes beyond that. What we’re beginning to see is about 4 million new botnet infections every month…it’s a moving target,” Schmidt said. “Roughly one in ten Americans has some kind of malicious software on their devices. Clearly, in an environment where bring-your-own-device is a good way to move forward, that potential for malware continues to grow.”

According to Schmidt, the time for action is now, and it’s critical.

“One of the clear issues we won’t be doing anymore is to just sit back and admire the problem. We’ve done that for too long. We’ve written strategy after strategy…it’s time to move beyond the strategies and actually move into an environment where we’re executing on these strategies,” he said.

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.