John Dickson, CISSP, principal at Denim Group and a former U.S. Air Force officer who served in the Air Force Information Warfare Center, also expressed disappointment in the report, saying it was “completely devoid of specific policy ideas and recommendations.”
For instance, Dickson says he would have liked to have seen more specific recommendations for the telecommunications and Internet service providers (ISPs) who have a major role in mitigating DDoS attacks carried out by botnets.
The report touches on the role that ISPs play, and it limits its recommendations to increased information sharing between ISPs and their partners to “achieve more timely and effective sharing of actionable threat information both domestically and globally.”
This, Dickson says, is not enough. Instead, he would have preferred to see recommendations to block specific types of traffic or to monitor traffic to prevent botnet attacks.
“There is an incentive for telcos to do this—reducing spurious traffic on their networks,” according to Dickson. “But they’re likely to say there’s a cost associated with doing that, which will be passed on to users.”
Countries with more government control of ISPs have shown how this can work, Dickson says. For instance, countries like China and Saudi Arabia—which have greater government control of the Internet in general—have been more effective in preventing botnet attacks because they’re able to block them from getting in.
“We don’t have government control of our telcos anymore—it’s much more Wild Wild West with more players and a bigger network,” Dickson says of the U.S. system, making it more vulnerable to botnet attacks.