The best news from this NewsFactor Network story about the arrest of three bot herders: An FBI special agent was quoted as saying that the arrests were "just the tip of the iceberg" and that there are hundreds of open investigations that, presumably, will lead to more arrests.
We certainly hope that's true. It's encouraging that a lot of the most recent news concerning botnets seems to have some governmental angle. Perhaps the situation in Estonia (in which folks with a gripe attacked and greatly degraded the nation's online infrastructure) hit a nerve.
In any case, this Wired piece describes two efforts -- the Cyber-Security Enhancement Act and the Internet Spyware (I-SPY) Prevention Act -- that aim to give cyber security laws more teeth. The piece identifies botnets as a key target of the updated statutes. But, in a clear sign that the boundaries between different hacker methods are blending, the laws apparently deal with penalties for certain levels of damages without delineating between different types of cyber attacks.
The FBI initiative, which the government calls Operation Bot Roast (Feds with senses of humor?), is six months old. The big catch announced this week is Robert Soloway of Seattle. Soloway, known as the "Spam King," is charged with 35 counts related to forming botnets and sending millions of spam messages.
It's difficult to know how deep an inroad the government can make against botnets. As we recently said, the world of bots, like everything else in security, is changing rapidly. Previously, we traced the sinister marriage of botnets and peer-to-peer (P2P) networking. That's certainly a big threat -- but far from the only one.
This recently posted best-practices list from OnGuard, a vendor that seems to have a deep relationship with the government, offers some tips that will reduce the chances of being drafted into the botnet army. These are general tips, and passing them to others in the organization -- either informally or as a company directive -- will generally improve security.
The keys are to keep anti-virus and anti-spyware software up to date and set for automatic download; be wary of attachments and downloads; put PCs behind a firewall; disconnect from the Internet when not using the machine; only download free software from trusted sites; take note of sent or outgoing mail that appears spurious and tend immediately to infected machines.
The importance of government attention to botnet prevention is also a theme in this posting at the Association for Computing Machinery that describes a dialogue between the organization and a member of the FBI's Computer Intrusion unit. The three approaches are consumer education, resource allocation and law enforcement. In the law enforcement category, suggestions included pushing wider adoption of the International Cybercrime Treaty. The participants also advocate an increase in the Computer Fraud and Abuse Act.
The bottom line is that the government must play a big role in the fight against botnets and all other cyber threats. The good news is that, at least this week, it appears to be stepping up to the plate.