Expert: Battling botnets requires standards and automation

The Trump administration's cyber executive order has tasked the departments of Commerce and Homeland Security with a year-long study of how to reduce botnets, but one former official says the immediate focus should be on standards and automation.

Ari Schwartz, former senior director for cybersecurity at the National Security Council and now with Venable LLP, said at a July 11 resilience workshop hosted by the National Institute for Standards and Technology that the proliferation of internet-connected devices -- many of which are insecure or can't be updated -- and increasing bandwidth of internet systems are leading to more, and more powerful, distributed denial of service attacks. Repeaters and other technology are making attacks increasingly complex.

Schwartz said that there were a variety of successes in the battle against bots over the last decade, including the FBI's Bot Roast and DNSChanger operations and the Federal Communications Commission Communications Security, Reliability and Interoperability Council's Anti Bot Code of Conduct for ISPs.

But he said the government failed to build on the momentum.

"The fact that you need a botnet report and we're not at the point of saying 'here is the whole of government approach to this issue' and that the Trump administration needed this report," demonstrates that more could have been done, he said.

Going forward, Schwartz told FCW the first priority is speeding up the development of standards, especially for device manufacturers.

"We're just starting to see the standards be put in place for what they are supposed to do, so I'm worried that it's a long process to get to that point," he said. Schwartz warned that standards need to be put in place before any regulation comes down to avoid ending up "with things locked into place in 2017."

He said NIST and the National Telecommunications and Information Agency are playing important roles in developing standards and facilitating public-private partnership.

"There needs to be sustained follow up and sustained participation," he said. "Government is part of that. Industry is part of that, and it's different parts of industry too."

Schwartz stressed that the government needs to hold off on regulations for now.

"You've got to get the standards in place," he said. "You've got to get people doing it voluntarily and see how that goes for some period of time and then start mandating it as people are not doing it or in the areas they're not doing it."

One of the key standards is automated device updating, Schwartz said.

"Education works to some extent, notification works to some extent, but the scale we're talking about, it's not going to be the answer," he said. "So it needs to be more of automated patching in this space."

"How do we make sure that we can update things and the user doesn't have to be involved in that discussion, but yet we're not invading their privacy, we're not breaking stuff on their side, right?" he said. "That's the key."

Schwartz and other panelists at the workshop acknowledged there will be an ongoing challenge posed by expired devices that are still connected but are no longer supported or being updated.

About the Author

Sean Carberry is a former FCW staff writer who focused on defense, cybersecurity and intelligence.

