Security experts: Botnets biggest threat on net

Summary: At the RSA Conference, security experts have bemoaned botnets' growth and called for updated laws to help tackle the problem

Botnets are the biggest global threat facing the internet today, according to security experts at the RSA security conference in San Francisco this week.

Ira Winkler, president of the Internet Security Advisors Group, said: "The statistics are basically that we're screwed. There is no real strategy for it. No-one is doing anything."

Winkler said there needs to be a fundamental change in people's attitudes to effectively combat botnets. "It's going to take a lot more than education, technology and law enforcement."

The most effective approach to tackling botnets would be to impose penalties on people who allow their computers to become infected, making users take more responsibility, according to Winkler.

He said: "We need to hold users responsible. ISPs should have a responsibility of making sure users aren't hosting botnets."

The botnet problem is getting worse, with no obvious solution in sight, according to Joe Telafici, vice president of Avert Operation at McAfee.

Telafici said: "The problem today is many orders of magnitude worse [than] last year. If we don't find a way to make it less profitable to do this, it won't go away."

Jordana Siegel, deputy director of outreach and awareness at the National Cyber Security Division of the US Department of Homeland Security, said: "We're seeing a constant increase in malicious code, which includes botnets."

Ronald Teixeira, executive director of the National Cyber Security Alliance, said: "Botnets are, I think, the biggest threat we face on the internet today. Tackling this is going a long way to limit attacks."

But Matthew Fine, supervisory special agent with the FBI, said the fact that criminals are now going to jail for botnet attacks is a step in the right direction.

"It's sending a message that judges understand this is affecting lives," said Fine.

But more still needs to be done, Fine warned. "I think we're all screaming for help. Hopefully we'll get some updated laws to help us."

Talkback

5 comments
  • Botnets?

    How do people know if they have got them?

    More details would be useful.

    KLR
    kjrider@...
  • Botnets?

    How do you know if you have them? Very simple, if you run windoze, you are prone to be infected.
    ator1940
  • Windows and Botnets

    With respect, I run the security for over 280 Windows Servers and 3000+ laptop/desktops, and other than the few I see every Sunday morning and when executives etc. come back from conferences, we do not have a problem. The front end IPS and firewall logs collect the data on infected machines and we disinfect the machines proactively.

    Also consider a Network Access Control system in addition to the above to quarantine the machines in their own VLAN prior to disinfection.

    Security is and should be proactive, not just relying on AV and patching to ensure protection; passive protection is no protection.
    RADCMithrandir
  • I have to ask...

    I have to ask, how does your strategy work if the bots are sending small amounts of encrypted stuff? Sometimes legit stuff is small in size and encrypted, so how do you work out what's what and what's not?
    ego.sum.stig
  • Protection in depth

    We have a database of traffic profiles for each server/client vs the installed applications. Therefore additional traffic and open ports show up using the delta differences between the old profile and the new one.

    This gives us a list of suspect machines; we then look at the NAC compliance logs, Altiris Software/Hardware inventory and AV alerts for indications of the source of the differences.
    RADCMithrandir
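
The profile-delta triage described in the last comment, sketched as an added example; it is not part of the original article and not the commenter's own tooling. Host names, the flow tuple layout, the sample flows and the evidence strings are all constructed assumptions.

```python
from collections import namedtuple

# Assumed flow record: which host, direction, protocol, port, and remote peer.
Flow = namedtuple("Flow", "host direction proto port peer")

# Constructed baseline: flow types expected per host given its installed applications.
BASELINE = {
    "srv-web01": {("in", "tcp", 443), ("out", "tcp", 1433), ("out", "udp", 53)},
    "lt-0417": {("out", "tcp", 443), ("out", "tcp", 80), ("out", "udp", 53)},
}

# Constructed observations, e.g. summarised from firewall/IPS logs.
OBSERVED = [
    Flow("srv-web01", "in", "tcp", 443, "198.51.100.7"),
    Flow("srv-web01", "out", "tcp", 1433, "10.0.5.20"),
    Flow("srv-web01", "in", "tcp", 8080, "203.0.113.9"),   # new listening port
    Flow("lt-0417", "out", "tcp", 443, "198.51.100.80"),
    Flow("lt-0417", "out", "tcp", 6667, "203.0.113.50"),   # not in profile
    Flow("lt-0417", "out", "tcp", 6667, "203.0.113.51"),
    Flow("lt-0417", "out", "tcp", 25, "192.0.2.25"),       # not in profile
    Flow("lt-0999", "out", "udp", 53, "10.0.0.53"),        # host with no profile
]

# Constructed corroborating hits from NAC compliance, inventory and AV logs.
EVIDENCE = {"lt-0417": ["nac: AV signatures out of date",
                        "inventory: unapproved software"]}

def profile_delta(baseline, flows):
    """Return {host: {(direction, proto, port): {peers}}} for flows not in the baseline."""
    delta = {}
    for f in flows:
        key = (f.direction, f.proto, f.port)
        # A host with no stored profile has an empty baseline: everything is a delta.
        if key not in baseline.get(f.host, set()):
            delta.setdefault(f.host, {}).setdefault(key, set()).add(f.peer)
    return delta

def triage(delta, evidence):
    """Order suspects: most corroborating log hits first, then most new flow types."""
    rows = [(host, len(keys), len(evidence.get(host, [])), sorted(keys))
            for host, keys in delta.items()]
    return sorted(rows, key=lambda r: (-r[2], -r[1], r[0]))

if __name__ == "__main__":
    for host, n_new, n_hits, keys in triage(profile_delta(BASELINE, OBSERVED), EVIDENCE):
        print(f"{host}: {n_new} unprofiled flow type(s), {n_hits} log hit(s): {keys}")
```

The comparison keys on direction, protocol and port rather than payload, so it does not depend on being able to read the traffic.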