Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

FCC chairman calls on ISPs to adopt new security measures

Broadband providers should notify subscribers when their computers are infected with malware, Genachowski says

U.S. Internet service providers should take new steps to protect subscribers against cyberattacks, including notifying customers when their computers are compromised, the chairman of the U.S. Federal Communications Commission said Wednesday.

FCC Chairman Julius Genachowski called on ISPs to notify subscribers whose computers are infected with malware and tied to a botnet and to develop a code of conduct to combat botnets. Genachowski also called on ISPs to adopt secure routing standards to protect against Internet Protocol hijacking and to implement DNSSEC, a suite of security tools for the Internet's Domain Name System.

If ISPs don't take these steps, they will risk a backlash from subscribers who have lost trust in online commerce, Genachowski said in a speech at the Bipartisan Policy Center, a Washington, D.C., think tank.

"The cyberthreat is growing," he said. "If we fail to tackle these challenges, we will pay the price in the form of diminished safety, lost privacy, lost jobs and financial vulnerability -- billions of dollars potentially lost to digital criminals."

The problems of botnets, IP hijacking and domain name fraud, and potential solutions, were priorities identified by the FCC's Communications Security, Reliability and Interoperability Council and other participants, Genachowski said.

ISPs can help battle botnets by detecting infections on subscribers' computers and notifying them of the problems, he said. Botnets, often used to launch cyberattacks, can control millions of computers, he said. "Botnets have been central to a very large percentage of the website crashes you've heard of, and that you haven't," he said.

To fight IP hijacking, ISPs should support the development of secure routing standards and implement them when ready, Genachowski said. The cost of implementation can be minimized by putting the standards in place during routine hardware and software upgrades, he said.

DNSSEC, developed by the Internet Engineering Task Force, can help prevent domain name fraud, "but adoption in the private sector has been slow," Genachowski added. One major U.S. ISP has implemented DNSSEC, and Genachowski called on others to do so.

ISP Comcast said it supports the FCC in calling for industry-led solutions to cybersecurity problems. Comcast will continue to work with the FCC and other groups on cybersecurity, Kyle McSlarrow, president of Comcast/NBCUniversal's Washington operations, wrote in a blog post.

"Comcast agrees with Chairman Genachowski that protecting American consumers, businesses and governments from cybersecurity threats should be a global priority," McSlarrow wrote. "To be effective, everyone who is a part of the Internet ecosystem must play a meaningful role in ensuring that private and government networks, and personal computers and devices are secured."

The American Cable Association, representing small and medium-sized ISPs, praised Genachowski for "emphasizing the need for the development of practical solutions" to minimize cybersecurity threats.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Comcast, FCC, Federal Communications Commission, IDG, Internet Engineering Task Force, SEC
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: American Cable Association, Bipartisan Policy Center, comcast, government, Internet Engineering Task Force, Julius Genachowski, Kyle McSlarrow, Regulation, security, U.S. Federal Communications Commission
Latest Blog Posts
Whitepapers
  • Case Study: BNP Paribas Deploys Oracle Exadata to Accelerate Information Processing - The Hardware Perspective
    Datacenters are an aggregate of very heterogeneous elements interacting with each other and incurring a complex chain of dependencies, particularly around the point of contact between hardware and software. Against this backdrop, IDC is observing a great push from suppliers and end users alike toward a consumption model based on pre-integrated blocks of optimized hardware and software that IT departments need only to fine-tune, as opposed to build out of a collection of different components. Read on.
    Learn more »
  • Restore control, Reinforce security & Reduce Cost
    Uncontrolled print environments and practices present a serious risk to the profit and security of your organisation. IT is under pressure to protect sensitive information, secure devices, and improve the way they manage the entire fleet. To gain better control, your organisation needs to implement plans that meet industry regulations while also increasing productivity, lowering costs, and providing users with more flexible imaging and printing solutions. Read more.
    Learn more »
  • The Big Six: The CIO Executive Council’s Frameworks for IT Value and Leadership
    This overview of six of the CIO Executive Council’s most important pieces of intellectual capital represents the thought leadership of literally hundreds of global CIOs spanning over half a decade. It is intended to convey the Council’s position on the current and future CIO role and the value that IT should be creating for the enterprise. We hope that it offers the IT community an intriguing and comprehensive roadmap for continued success.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.