U.S. ISPs Might Alert End-Users of Botnet and Malware Infections

The Homeland Security Department and the National Institute of Standards and Technology have filed a note in which they propose the implementation of a voluntary corporate notification system that would alert consumers whenever a botnet or other malware infection is discovered.

Currently, both companies and individuals suffer a great deal because of malware plagues that take over their devices and use them to launch attacks on others.

Legal authorities in the United States have come up with a plan in which ISPs and other organizations that could pitch in, would share information about threats, alerting consumers when they notice their devices are taken over by malevolent forces.

The note seeks “public comment from all Internet stakeholders, including the commercial, academic, and civil society sectors, on potential models for detection, notification, prevention, and mitigation of botnets' illicit use of computer equipment.”

The document informs us that Australia has already implemented a similar program where an ISP would alert end-users about a potential infection, guiding them step by step through the purification process. Germany and Japan have deployed similar activities after realizing that something had to be done to stop these cyberthreats.

Another proposition is for special support centers to be created that would take part of the burden from companies. These would take over the entire cleaning procedure after receiving a notification.

The purpose of these companies would be not only to aid the victims but also to gather data that could further improve botnet detection.

Depending on the models created, these entities would operate for profit or as non-profit organizations, three scenarios being proposed.

The first is a scenario where the private sector would run and fund a resource center that would inform and educate consumers that have fallen victim to botnet infections.

Another proposition names the government as being the one that will operate the entire activity and the final one mentions a state-private sector partnership.

The note is open for public comment until November 4 so anyone who would like to express an opinion is free to share. The only controversy could rise from the fact that the information possessed by the bodies that will handle these stress situations could be used for other purposes that are not as well-meaning.