Home Office in drive to stamp out botnets

The Home Office has launched a high-profile campaign to secure the internet against hacking groups using networks of infected...

The Home Office has launched a high-profile campaign to secure the internet against hacking groups using networks of infected computers to launch worm, spam and denial of service attacks against critical businesses and services.

The campaign, which features a website and an alert service to help non-IT specialists protect their computer systems, is designed to plug one of the weakest links in security on the internet: home and small business PCs.

Over the last 12 months, organised criminal groups have been releasing viruses to attack insecure PCs, creating networks of tens of thousands of infected machines, called botnets, which can be used to send spam or launch co-ordinated attacks against corporate IT systems.

“By protecting the home and small business user more, and by reducing the number of machines that might be compromised, actually what we are doing is minimising the risk to the critical national infrastructure. If  everyone protected their home PC, there would be no botnets,” one senior security official told Computer Weekly.

The campaign will encourage home users and small businesses to sign up to an alert service, run by the National Infrastructure Security Co-ordination Centre (NISCC), part of the Home Office, which will give advice on urgent threats that affect home PCs, PDAs and mobile phones.

NISCC plans to use its expertise in issuing security alerts to critical businesses in the UK, identifying key security issues for small businesses and consumers without swamping them with information.

It expects to issue between six and 10 alerts a year, which will contain advice written in plain English for non-IT specialists. The site will also contain simple advice on patching machines and installing security software.

Although the service is not designed to replace alert services run by firewall and anti-virus companies, NISSC believes that its links with international IT security organisations will help it to identify new computer threats as quickly as or before commercial alerting services.

“The interface is aimed at those people who do not have anti-virus on their machine or who do not feel the need to update it. We are offering the service in plain language so that people who might get bamboozled by anti-virus vendors can have it explained in a simple way,” a government official said.

For more on the new service, visit www.itsafe.gov.uk.

Read more on IT risk management