The U.S. Department of Homeland Security and the U.S. Department of Commerce have issued a public call for comments from “all Internet stakeholders” in order to build “a voluntary industry code of conduct to address the detection, notification and mitigation of botnets.”
Individuals and organizations from commercial, academic, and civil society sectors are invited to send in their ideas on what commercial ISPs should do in order to protect their customers.
“The Departments are concerned about the potential economic impact of botnets and the problems they cause to computer systems, businesses, and consumers,” says in the invite. “To address these problems, it is necessary to stop botnets from propagating and to remove or mitigate the malicious software (malware) where installed. Companies and consumers may be able to voluntarily address some of these issues, but to fully address the problem, they will need to work together to clean and better protect computers.”
The call also lists a strategy that has been proven successful – ISPs “voluntarily and timely” detecting and notifing end-users that their machines have been infected – and offers the idea of creating a resource center that would aid the ISPs in this fight.
Furthermore, it offers a number of questions that the submitters should consider and offer and answer to, such as “What preventative measures are most effective in stopping botnet infections before they happen?” and “How can organizations best avoid “false positives” in the detection of botnets?”
Comments will be accepted until November 4, 2011. For more information, go here.