Botnet attacks will worsen in coming years, and better international cooperation is needed to fight them, the European Network and Information Security Agency said Tuesday in a report. Government, technical and legislative institutions must boost coordination, backed by political will and support, said ENISA. Standardizing the processes -- for incident reports, identified threats and evidence against suspected criminals -- and mechanisms for keeping shared information confidential and assuring its trustworthiness all play a key role, it said. Existing approaches to measuring the sizes of botnets are usually inaccurate, the agency said. Instead of a generic threat measurement for assessing botnets, ENISA proposed different ones based on diverse stakeholder perspectives. The diversity of EU and national cybercrime laws makes the fight against botnets less efficient, and the applicability of promising detection and mitigation approaches is being limited by conflicts between data protection and information technology security laws, it said. Working processes increase the reaction time to the extent that criminals can easily avoid detection, it said. Botnets’ spread and success are affected by several factors, among them the ease and cost of infecting someone’s PC with malware; the potential profit of running a botnet; and the probability and severity of criminal sanctions, it said. There are three high-level objectives for countering the threat, ENISA said. Existing botnets must be mitigated by giving the owners of compromised computers more support, beefing up identification and monitoring, and sharing information among responsible players. Cybercrime laws should be globally harmonized, it said. A second goal is to prevent new infections by raising public awareness and protecting systems better, the agency said. The third objective is to make botnets and cybercrime less financially attractive through better anti-fraud systems and tougher prosecutions, it said. ENISA recommended that regulators: (1) Intensify efforts to update national laws to deal with cybercrime. (2) Harmonize rules at the EU level to make mitigation and cooperation easier. (3) Create a closely-linked network of responsible parties across EU countries. End-users also play a role in protecting their systems against malware, ENISA said, and they should be made more aware of security issues and given easily available guidance. ISPs should have to notify customers about remotely-identified infections, as long as they're given appropriate incentives for bearing the costs, it said. The agency identified several future trends. Botnets will be increasingly economically and politically motivated, and the quality and simplicity of tools for attacks will continue to get better, it said. Emerging technologies will allow higher levels of deception and resilience via network protocols, Web standards and real-time communication schemes or social networks, it said. Because of the patchwork of cybercrime laws, even not very complex botnets will last for long periods, it said. As smart phones become more popular, botnets based on them and on other new ways of accessing the Internet will increase, it said. ENISA’s report will be presented Wednesday at a conference in Cologne, Germany.
Travelers information stations (TIS) broadcasting limited information to drivers should get the FCC permission they seek for a “narrow expansion” of rules so they can provide more types of emergency information, the NAB said in replies in docket 09-19. Other commenters in the docket also supported expanding TIS, some further than what NAB suggested. Highway Information Systems and the American Associations of State Highway and Transportation Officials had asked the Public Safety Bureau to amend TIS rules, which the bureau sought comment on.
The fear that President Barack Obama could unilaterally shut down the Internet in an emergency is driving the debate over cybersecurity bills in Congress, regardless of how feasible such a shutdown would be, cybersecurity experts told us. But that’s not stopping cybersecurity vendors, policy analysts and the larger business community from pushing forward with the less juicy but long-advocated emphasis on an improved public-private “partnership."
The U.S.-China Economic and Security Review Commission announces an open public hearing on March 10, 2011, which will examine the various narratives emerging from China in regards to Chinese foreign and national security policy. By examining these narratives in greater detail, the hearing will seek to offer greater insight into policy debates inside the Chinese Communist Party (CCP) regarding China’s relations with other countries, and China’s future role in the world.
The mate piloting a tugboat involved in a fatal July 2010 crash with a Ducks tour boat in Philadelphia was using his own cellphone to deal with a family emergency when the accident occurred, according to a report released Monday by the National Transportation Safety Board. The tour boat, with 37 passengers, sunk in the Delaware River after colliding with a barge being towed by the M/V Caribbean Sea. Two Hungarian students were killed and 26 passengers were injured. The report didn’t specify the accident’s cause, but it noted that the mate told a lawyer for the company he had learned that day of a medical emergency involving his son.
The Food and Drug Administration has issued a summary of the major requirements of the Food Safety Modernization Act (FSMA) and timeframes for implementing some of these requirements.
The FCC Thursday unanimously approved three items aimed at improving communications and radio service on tribal lands. Commissioners also heard testimony from tribal leaders about the state of communications in Indian country. The meeting came as the White House held a follow up meeting on last year’s Tribal Nations Summit.
The President has sent a message to Congress that the national emergency with respect to the actions and policies of certain members of the Government of Zimbabwe and other persons to undermine Zimbabwe's democratic processes or institutions is to continue in effect beyond March 6, 2011. The President's administrative order (FR Pub 03/04/11) is available here.
The International Trade Administration has issued a notice seeking public input to help identify regulatory divergences in North America, so that the U.S. Government can work cooperatively with Mexico and Canada to address them. The ITA states that unnecessary regulatory divergences in North America disrupt U.S. exports.
The European Union has announced that EU leaders will meet in Brussels on March 11 for a special summit to deliver a response to the crisis in Libya. The emergency meeting will take place ahead of a same-day summit of the 17 nations that share the euro, gathering in the EU capital to finalize a debt crisis game-plan.