Microsoft Wants to Kick Infected PCs Offline
Infected PCs should be quarantined and kicked offline in order to protect consumer computers, Microsoft's corporate vice president of trustworthy computing says.
Scott Charney outlined his vision in a paper recently published by Microsoft, called Collective Defense: Applying Public Health Models to the Internet. In the paper, Charney said that while commonly available cyber-defenses such as firewalls, antivirus software and automatic updates for security patches can reduce the risk to consumers' PCs, they don't do enough to protect consumers against cyberattacks.
According to Charney, many consumer computers are host to malware (malicious software) or are part of a botnet despite those defenses. Bots, are networks of compromised computers, controlled by hackers, that can provide a relatively easy means to commit identity theft. Additionally, bots can be used to launch an attack on critical government infrastructure or financial systems.
In a blog post, Charney said security officials should treat an Internet infection just as health officials would treat a deadly outbreakby quarantining the infected ones.
Just as when an individual who is not vaccinated puts others' health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society, Charney said.
In the physical world, international, national, and local health organizations identify, track and control the spread of disease, which can include, where necessary, quarantining people to avoid the infection of others. Simply put, we need to improve and maintain the health of consumer devices connected to the Internet in order to avoid greater societal risk.
Charney said a public health model can empower consumers and improve the security of the Internet. In addition, he said consumers' privacy concerns could be protected by focusing on the health of their device, not its content. He said communicating the overall health of a PC would not mean revealing the identity of the consumer.
According to Charney, if consumers don't change their online behaviors voluntarily and if the private sector is unable to keep consumer PCs safe against Internet threats, then governments should step in.
Cybersecurity policy and corresponding legislation is being actively discussed in many nations around the world, and there is a huge opportunity to promote this Internet health model, he said. As part of this discussion, it is important to focus on building a socially acceptable model. While the security benefits may be clear, it is important to achieve those benefits in a way that does not erode privacy or otherwise raise concern.
Industry analyst Rob Enderle, of the Enderle Group, said this may be the only viable way to keep the Internet safe and that the sacrifice seems marginal compared to the benefit.
Who would have believed that people would accept being shown nude on a scanner in order to fly safely? he said. Against that, this seems trivial in comparison, and the result is far more likely to result in higher safety than these new people scanners are.
In fact, some corporations are already doing this, Enderle told TechNewsDaily.
That's how successful companies keep poorly maintained machines from compromising their networks, he said. The cause of many of these large-scale attacks is the massive number of PCs that aren't updated [in a timely manner] and don't have any type of real anti-malware protection. That is irresponsible, and just as we try keep irresponsible drivers off the road, we should be making a greater effort to keep irresponsible PC users off the network.
Enderle said quarantining individual PCs could easily be done by Internet service providers.
If you don't pass a scan, you aren't provided with access, and the user can be given some choices as to how to resolve the problem, he said.