Computers infected with malware should be disconnected from the internet to prevent them posing a risk to the rest of the online community, a top security executive at Microsoft has urged.
In a paper delivered to the ISSE 2010 computer security conference in Berlin on Wednesday, Scott Charney, Microsoft's vice president of Trustworthy Computing, proposed the move as part of a re-think of global IT cybersecurity along public-health lines. Quarantining infected PCs would help prevent malware from spreading and could help battle botnets, he said.
"If a device is known to be a danger to the internet, the user should be notified and the device should be cleaned before it is allowed unfettered access to the internet, minimising the risk of the infected device contaminating other devices," Charney said.
He called for companies and governments to work together on a "global collective defence" to ensure the safety of the internet and the world's online community. The strategy should be implemented and defined in the same way that nations define and deal with public-health problems, he added.
"In the physical world, international, national and local health organisations identify, track and control the spread of disease, which can include — where necessary — quarantining people to avoid the infection of others. Simply put, we need to improve and maintain the health of consumer devices connected to the internet in order to avoid greater societal risk," Charney wrote in a blog post announcing the paper.
Botnets, which are networks of millions of compromised computers, are increasingly popular among cybercriminals as a means for distributing spam or launching attacks against specific targets. In May, VeriSign said that its online investigation found botnets for rent for as little as £6 an hour, meaning that less-skilled criminals are able to use them for attacks.
A collective global approach to cybersecurity should help make up for failings in individual defensive measures, according to Charney. "Commonly available cyber-defences such as firewalls, antivirus and automatic updates for security patches can reduce risk, but they're not enough," he said. "Despite our best efforts, many consumer computers are host to malware or are part of a botnet."
Charney noted international, national and private-sector efforts that he believes are good examples of the use of collective defence. These included Japan's Cyber Clean Center, which communicates with 70 internet service providers to identify botnet-infected machines and provides software to prevent reinfection. The Microsoft Active Response for Security (Mars) plan, meanwhile, provides technical resources for quelling local botnet infections, such as the recent Waledac botnet.







Talkback
What an idiotic suggestion.
Are there Unix, Linux, and OS/X botnets out there? Last time I checked, there was one tiny Mac botnet (hundreds of machines), and all of the other tens of millions of systems involved were running Windows. Microsoft already has administrative access to those machines, it's right there in their EULAs. If they want to kick infected machines off the Internet, they already have the means at their disposal. They could also appeal to ISPs to help out. Asking for government intervention is insane.
Here's a better idea... why doesn't Microsoft quit making shi**y products and create software and hardware that is secure? We don't need government intervention to prevent malware attacks.
There was a similar statement made by the same guy several months ago. It certainly is worth a good chuckle or two. Rather than owning up to the fact that Windows is a security nightmare, Microsoft instead tries to offload the responsibility on others. This is what they've done over the years. Luckily companies like McAfee, Symantec, and others have been able to capitalize on Microsoft's failure to release a stable and secure OS.
Here's a better idea: Dump Windows, use some common sense, and you won't have to worry about your PC getting infected from the start.
That has to be the funniest joke of the year.
Although, if infected computers were treated as some kind of public health risk I guess you would have to trace the infection back to the source and have it put down. Bye bye Microsoft.
Looks like everyone agrees that the government has no business running the internet, as they have enough trouble trying to take care of their own business. apexwm is on the right track. Microsoft started it; let them finish it, one way or the other.
I think there is more to this than meets the eye. I look upon this as a means to an end for corporates to stop people fighting back on the net when they have been wronged by them; it's just too easy to say it's because of viruses.
In practice, any takedowns by ISPs or Microsoft would raise many privacy issues and legal complications, conundrums etc., and probably lead to a huge howl of protest.
However, common sense dictates that ISPs, in particular (and other facilitators of the Internet), can presumably quite easily identify infected computers from the traffic, and could either warn the subscribers or cut them off until their computers were cleaned up.
I'm sure we would all like something done to curtail the proliferation of all the various malware etc., and probably do agree that this is not a place for government. Nevertheless, there does require to be a legal framework and regulation to facilitate any action by ISPs, and others, who should continue to provide a service rather than actually police the Internet.
This is at least as hard a nut to crack, if not harder, than 'illegal' file sharing, etc., a nut that is not easily cracked.
Ultimately, there is the very considerable concern about abuse as a result of any such system being set up and any subsequent creep from the use of the technology for other purposes. After all, there is considerable controversy and disquiet about the collection of information, from joe public, in the fight against terrorism and cyber-crime and cyber-terrorism, and of course file sharing etc.
A conundrum, but something has ultimately to be done, one way or another.
Of course there is the question of Windows vulnerability and, in my own experience, the huge number of Windows users who have little, or no, understanding about the risks, consequences or the necessity to secure their computers. Schools/government do not apparently include such necessary education in the curriculum.
There is a faint indication that Microsoft might be developing a new OS in secret to succeed Windows but, of course, the scene is changing fairly rapidly with the so-called cloud computing. Myself, I think it will be quite a long time before independent operating systems are redundant, not least because much of the world, including parts of USA, do not have satisfactory or any access to the Internet.