San Francisco, May 30, 2012 – Supporting the voluntary industry efforts announced at a White House event today, the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) strongly encourages the Internet ecosystem to implement the Principles for Voluntary Efforts to Reduce the Impact of Botnets in Cyberspace issued by the Internet Botnet Group (IBG). The principles outline nine activities that will significantly help reduce the malware known as “bots” that can wreak havoc on end-users.
“It takes a global village, with all the suppliers involved, to fight bots. The only way to effectively protect consumers is for the operators, vendors and other participants serving the Internet ecosystem to recognize their shared responsibility in addressing the problem and then integrate the appropriate defenses into their daily business practices. The IBG principles encourage the industry to be assertive and acknowledge the problem, cooperate, coordinate and be flexible in their responses,” said M3AAWG Co-Chairman for Malware Michael O’Reirdan.
M3AAWG serves on the IBG steering committee as part of its global public policy outreach to forge industry alliances against abuse. The new principles are intended to significantly improve cooperation among network operators, vendors, trade associations and other nonprofits working against the malware.
IBG (http://www.industrybotnetgroup.org/) is an industry-wide organization formed in January 2012 to collaborate and encourage voluntary action to combat bots. Cybercriminals surreptitiously install the malware on end-users’ computers without the owners’ knowledge then use the bots to steal personal identity information, launch cyber attacks, send spam and carry out other destructive pursuits.
The IBG principles announced are:
- Share cyber responsibilities by employing reasonable technologies to thwart the effectiveness of botnets across all phases of the mitigation lifecycle: prevention, detection, notification, remediation, and recovery;
- Coordinate across sectors in order to better analyze, prevent, and combat threats;
- Confront the problem globally through cross-border collaboration;
- Report lessons learned with partners in the Internet ecosystem;
- Educate users by making information and resources available to them;
- Preserve flexibility for responses by different entities to an ever-evolving threat environment;
- Promote innovation to foster technological advances;
- Respect privacy; and
- Navigate the complex legal environment.
M3AAWG will hold its 25th general meeting in Berlin June 4-7 with training and working sessions on malware and other abuse issues. The organization also partners with other industry organizations against malware, including work with the OECD (Organisation for Economic Co-operation and Development). It supports the Anti-Bot Code of Conduct for ISPs (ABCs) outlining specific steps operators can take to mitigate bots on their networks that was released by the FCC CSRIC Working Group #7 earlier this year. O’Reirdan also chairs this CSRIC working group and M3AAWG lists network operators participating in the ABCs on its website at /abcs-for-ISP-code.
About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)
The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) – or M3 for Messaging, Malware and Mobile – represents more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is an open forum driven by market needs and supported by major network operators and messaging providers.
# # #
Media Contact: Linda Marcus, APR, 714-974-6356, LMarcus@astra.cc, Astra Communications
M3AAWG Board of Directors: AT&T (NYSE: T); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Eloqua; Facebook; La Caixa; Message Bus; Orange France Telecom (NYSE and Euronext: FTE); PayPal; Return Path; Time Warner Cable; Verizon Communications; and Yahoo! Inc.
M3AAWG Full Members: 1&1 Internet AG; Adaptive Mobile Security LTD; Adobe Systems Inc.; AOL; BAE Systems Detica; Cisco Systems, Inc.; Dynamic Network Services Inc.; Email Sender and Provider Coalition; Experian CheetahMail; Genius.com; iContact; Internet Initiative Japan (IIJ NASDAQ: IIJI); MailUp; McAfee Inc.; Message Systems; Mimecast; MXTools; Proofpoint (everyone.net); Scality; Spamhaus; Sprint; Symantec; and Trend Micro, Inc.
A complete member list is available at http://www.m3aawg.org/about/roster.