The Obama administration on Wednesday announced new efforts to disrupt networks of infected computers that help cyber criminals send spam messages, commit identity theft, steal financial data and siphon intellectual property.
Such networks, known as botnets, are linked together by cybercriminals and grow in size as computer users accidentally click on a malicious link or file. The users' PCs then begin performing automated tasks that contribute to the majority of today's malicious activity on the Internet, experts say.
The new initiatives include a joint pilot program later this year with the financial services sector and Internet service providers. The program will notify customers when their computers have been infected with malware and will share data about botnets to help make online banking safer, according to Bill Nelson, president of the Information Sharing and Analysis Center, a financial services firm whose members include major banks and credit card companies. Nelson said that details of the pilot program would be announced in about a month.
In addition, the Industry Botnet Group -- a coalition of trade associations and nonprofit groups -- announced a set of voluntary principles that call on companies to share information with each other to better analyze botnets and help keep customers' computers free of malware. The group also launched "Keep a Clean Machine" -- a campaign to help educate consumers on improving their cybersecurity.
Botnets are growing fast. Between January and March of this year, more than 5 million computer systems were infected with botnets, according to the security company McAfee. At a White House forum on cybersecurity Wednesday, Brad Smith, general counsel for Microsoft, said botnets have become the weapon of choice for cybercriminals.
"They add power and create a truly potent threat to all of us who use computers today," he added.
The Rustock botnet, which federal law enforcement agents shut down last year, was capable of sending 30 billion spam messages every day, he said.
"The sheer magnitude of that problem makes one thing all too clear: This is not a problem anyone can solve alone," he said.
The initiatives announced Wednesday are part of a growing effort from both the federal government and the private sector to battle networks of infected computers. In March, the Federal Communications Commission announced commitments from most of the nation's Internet service providers to adhere to a voluntary "code of conduct" to fight botnets, with companies pledging to notify and help customers whose computers are infected.
In March, Microsoft filed suit in federal court in Brooklyn that led to the shutdown of botnet servers infected with the so-called Zeus malware. The malware stole more than $100 million by recording users' computer keystrokes to get usernames and passwords linked to online bank accounts.