The US Departments of Homeland Security and Commerce are seeking public comments on a proposed voluntary program under which Internet service providers (ISPs) would notify users when their computers have been infected by botnet malware.
The departments want input on the requirements for and approaches to a voluntary industry code of conduct to address the detection, notification, and mitigation of botnets, according to a Federal Register notice.
“One strategy that security experts suggest has been successful in stemming the tide of botnets has been for private sector entities to voluntarily and timely detect and notify end-users that their machines have been infected. This voluntary notification has mostly, though not always, come from the user’s Internet Service Provider (ISP), which has contact information for the end-user and a pre-existing relationship. Once a service provider has detected a likely end-user security problem, it can inform the Internet user of the steps the user can take to address the problem”, the notice explained.
via infosecurity.com, continued here.