TOP | Weekly Column | (Japan) New Approach to Eliminate Botnet Which Learn From Public Hygiene

New Approach to Eliminate Botnet Which Learn From Public Hygiene
Deputy Director-General, National center of Incident readiness and Strategy for Cybersecurity (NISC)
 Councilor, Cabinet Secretariat, Japan
Dr. Ikuo Misumi

In the past, air pollution was a societal problem in Japan. The main cause was discharge of smog by factories into our atmosphere. Many factories were not proactive to take measures because of its cost. But as awareness of the problem of air pollution is raising, situation was gradually changed. Cooperation of the stakeholders are growing and the situation of the societal problems has been improved. Today we no longer see serious air pollution.
The same story also be applied in the field of cybersecurity. In recent years, cyberattacks are occurring in various places with increasing frequency. For example, the threat of botnets such as "Mirai" is increasing. There was another example in May of this year, ransomware "Wannacry" spread rapidly all over the world, and it was reported that there were more than 230,000 computers infected in 150 countries. Fortunately, in our country the impact of Wannacry was limited.
I think that many people expect cybersecurity experts to handle cybersecurity incidents by detecting, judging and handling with problems, in order to improve upon recent situations such as the mass generation of ransomware and the increase in botnets. However, such a traditional protection model, a superhero model, so to speak, does not work in situations where cybersecurity incidents occur frequently and at various places, as it does today. It is difficult to deal with many cases with only few institutions and experts.
I would like to think about medical treatment as an example. The physician treats one patient at a time. Meanwhile, vaccination is effective for coping with infectious diseases. This approach, specifically public hygiene, is defined as an activity that helps maintain health and prevents the spread of disease. We believe that this approach can also be applied to the field of cybersecurity. This cyber-hygiene model makes it possible to prevent the spread of malicious activity by concentrating on securing a clean cyberspace through measures by organizations and individuals who are not necessarily experts.
This year, based on the understanding about necessity of a cyber-hygiene model, we conducted an interim review of the Japan’s Cybersecurity Strategy. We listed various issues in the mid-term review, but here I would like to introduce focusing on bot elimination measures. The measures for botnet are very important to keep cyberspace clean. IoT devices such as security cameras without appropriate security measures such as access control, are easily hacked and become a hotbed for botnets.
In order to deal with the botnet problem, several years ago, in collaboration with related organizations such as Telecom ISAC (the present ICT-ISAC), JPCERT and related ministries and agencies, we carried out a project which aimed to eliminate bots from compromised PCs. Based on the experience obtained there, we are going to implement a new Bot Cleaning Campaign.
This campaign is a comprehensive initiative to identify bot-compromised IoT devices, to notify its owner and to deliver countermeasures. And thus to improve the network environment by public-private partnership cooperation, and thereby effectively and efficiently repairing IoT devices infected with bots. We also encourage manufacturers and suppliers of IoT devices to strengthen the access control functionalities of IoT devices. In cyberspace spreading across countries, the effect of this initiative is limited if we take such measures only in our country. Therefore, we would like to call for international cooperation.

  Disclaimer: The views and opinions expressed herein are those of the author and do not necessarily reflect the views of the organization or its affiliates, and the copyright belongs to the author.