Microsoft Urges Quarantine Of Unsecure, Infected Computers

A Microsoft security expert is encouraging organizations to quarantine unprotected computers infected by botnets by booting them off the Web.

Scott Charney, Microsoft vice president of trustworthy computing, said earlier this week that computers plagued with botnets should be treated in the same way as a person who is infected with a highly contagious disease, and urged governments, ISP and commercial organizations to emulate a public health model.

Charney's proposed public health approach was outlined in a paper Microsoft published Tuesday titled "Collective Defense: Applying Public Health Models To the Internet," which encouraged organizations to take alternate and collaborative approaches in preventing cyber threats.

"Just as when an individual who is not vaccinated puts others’ health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society," he wrote.

Charney extended the metaphor by saying that global health organizations often aim to control the spread of a disease by tracking and identifying affected individuals and if necessary, placing them in a location where others can't become infected.

Next: Charney Urges Public Health Model

"Simply put, we need to improve and maintain the health of consumer devices connected to the Internet in order to avoid greater societal risk," Charney said. "To realize this vision, there are steps that can be taken by governments, the IT industry, Internet access providers, users and others to evaluate the health of consumer devices before granting them unfettered access to the Internet or other critical resources."

One of those steps included taking collective approach in order to eradicate the spread of botnets and deter other security threats, Charney said.

Meanwhile, Charney acknowledged that cyber security measures such as firewalls, antivirus and automatic updates were capable of reducing risk but were often not enough to stop the spread of infection. "Despite our best efforts, many consumer computers are host to malware or are part of a botnet," he said.

In particular, Charney focused on the risk posed by botnets, networks of compromised computers controlled by hackers, because of their sophistication and their ability to rapidly contaminate significant numbers of machines at a time, among other things. In addition to being used for identity theft, botnets are often equipped by organized cyber criminals to steal financial information and intellectual property, as well as attack critical infrastructure, he said.

Charney said that governments around the globe are already engaging in discussions around security policy and legislation, which opens up a big opportunity to promote what he termed the "Internet health model."

Next: New Model Could Raise Privacy Concerns

Charney acknowledged that adopting a new security model would raise privacy issues, but maintained that it was possible to achieve his aims "in a way that does not erode privacy or otherwise raise concern."

In the paper, he pointed to France and Japan as examples of nations that have already adopted collaborative approaches to defending their cyber infrastructure against attacks with their respective Signal Spam and Cyber Clean Center programs, and encouraged other countries to follow their lead.

"Examining health is not the same as examining content; communicating health is not the same as communicating identity; and consumers can be protected in privacy-centric ways that do not adversely impact freedom of expression and freedom of association," he wrote.