Connect with us

Hi, what are you looking for?



Europe’s Cybersecurity Agency Gears Up for War on Botnets

Europe’s Cybersecurity Agency Publishes Botnet Report and Policy-Level Considerations

Europe’s Cybersecurity Agency Publishes Botnet Report and Policy-Level Considerations

The European Network and Information Security Agency (ENISA), Europe’s Cyber security agency, issued a report focused on botnets this week titled, “Botnets: Measurement, Detection, Disinfection and Defence.” The report discusses the reliability of botnet size estimates and provides recommendations and strategies to help organizations fight against botnets. In addition, ENISA published a list of what it considers the top 10 key issues for policymakers in ‘Botnets: 10 Tough Questions.

ENISA Botnet ReportThe 154 page “Botnets: Measurement, Detection, Disinfection and Defence” report includes different types of best practices to measure, detect and defend against botnets from all angles. The countermeasures are divided into 3 main areas: neutralizing existing botnets, preventing new infections and minimizing the profitability of cybercrime using botnets. The recommendations cover legal, policy and technical aspects of the fight against botnets and give targeted recommendations for different groups.

The recommendations cover legal, policy and technical aspects of the fight against botnets and give targeted recommendations for different groups involved including:

• The clarification of defensive measures permitted in each member state.

• Measures for encouraging users to keep their computers free of botnets.

• Supporting schemes for notification to infected customers by ISP’s.

The report also emphasizes the need for a close international cooperation between governments, technically-oriented, and legislative institutions. “Global cooperation is indispensable for successful defense against botnets,” said Udo Helmbrecht, Executive Director of ENISA.

Advertisement. Scroll to continue reading.

The “Botnets: 10 Tough Questions” list comes from internal discussions by security experts in the field of botnets that took place between September and November 2010 and presents a selection of the most interesting results. The document distills the major issues that need to be understood and addressed by decision-makers in all groups of stakeholders. “Botnets: 10 Tough Questions” is a policy-level distillation of ENISA’s consultation with top experts from all sides of the fight against botnets, including Internet Service Providers (ISPs), security researchers, law enforcement, Computer Emergency Response Teams (CERTs) and anti-virus vendors. The questions addressed include:

1. How much trust to put in published figures?

2. What are the main challenges associated with jurisdiction?

3. What should be the main role of the eu/national governments?

4. Which parties should take which responsibilities? ‘

5. Where to invest money most efficiently?

6. What are key incentives for cooperative information sharing?

7. What are key challenges for cooperative information sharing?

8. Are there unseen/undetected botnets?

9. Which aspects are still missing in the fight against botnets?

10. What are future trends?

“The botnet numbers define the political agenda and they determine 100’s of millions of Euros of security investments – we should understand what is behind them,” says Dr. Giles Hogben, the report Editor. Yet, the report concludes that many botnet figures are likely to be inaccurate and even small numbers of bots can cause severe damage. “Size is not everything – the number of infected machines alone is an inappropriate measure of the threat,” says Dr. Hogben.

The Botnets: Measurement, Detection, Disinfection and Defence report can be downloaded here. Botnets: 10 Tough Questions can be downloaded here. (Both are PDF Files)

ENISA says a third report focusing on legal issues in the fight against botnets will follow in Q2.

Read More in the SecurityWeek Cybercrime Section

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...