The European Union (EU) cyber security agency has published a new report on “Botnets: Measurement, Detection, Disinfection and Defence”.

The European Network and Information Security Agency (ENISA) report examines the threat posed by the networks of ordinary malware-infected computers controlled by cybercriminals or ‘botnets’.

Comprehensive threat analysis

It has been compiled from ENISA’s consultations with experts from all sides of the fight against botnets, including law enforcement and Computer Emergency Response Teams (CERTs) to security researchers, internet service providers (ISPs) and anti-virus vendors.

The report addresses how to assess the threat posed by botnets to different stakeholders. It also surveys and analyses methods for measuring botnet size, which it describes as “commonly lacking accuracy” and only one factor in assessing their threat.

The report’s main findings have been distilled into a Q&A-style document, covering 10 Tough Questions about botnets.

It also includes a set of 25 different types of countermeasures for monitoring, detecting and defending against botnets from all angles. Divided into three main areas, they cover neutralising existing botnets, preventing new infections and minimising the profitability of cybercrime using botnets.

The report’s recommendations cover legal, policy and technical aspects of the fight against botnets and give targeted recommendations for different groups.

Greater cooperation needed

It also emphasises the need for a close international cooperation between governments, security research and legislative institutions. “The standardisation of processes for information exchange plays an important role,” states the report.

“This includes reports about incidents, identified threats, and evidence against criminal individuals, ideally leading to their arrest, as well as mechanisms for maintaining the confidentiality of shared information and establishing the trustworthiness of its source.”

Professor Udo Helmbrecht, ENISA executive director, also commented: “Global cooperation is indispensable for successful defence against botnets.”

But Amichai Shulman, chief information officer of security vendor Imperva, pointed out that the report does not raise the fact that botnets have become a business problem. “Businesses should start coping with the fact that they might be dealing with infected customers,” he said.

Another ENISA report focusing on legal issues in the fight against botnets will be published in the second quarter of this year.

Miya Knights

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago