New best practices aim to improve reporting process and maximize badware URL cleanup
Cambridge, Mass., October 7, 2011 — Nonprofit anti-malware organization StopBadware announced today the public release of its new Best Practices for Reporting Badware URLs. StopBadware’s new best practices prescribe specific steps for reporting different types of badware URLs to the entities best able to directly address the threat those URLs pose.
Badware is an undeniable threat to the open Internet, and currently no clear standard exists for who should be notified of a badware URL or what information should be included in that notification. StopBadware contends that improving communication between those who detect badware URLs and the parties best equipped to address them is a crucial step in combating the badware threat. StopBadware’s Best Practices for Reporting Badware URLs are divided among what the organization defines as four main stages to reporting: determining report targets, identifying contact information, assembling report contents, and delivering reports. Best practices are laid out for each stage of the reporting process, along with steps for escalation should an initial report fail to receive a satisfactory response. StopBadware’s best practices call upon reporters to differentiate where possible between URLs that are primarily malicious and ordinarily legitimate URLs that have been compromised by malicious actors.
The Best Practices for Reporting Badware URLs were developed, in part, to complement StopBadware’s Best Practices for Web Hosting Providers. Like the latter, the reporting Practices were developed with the input of a cross-industry working group. “It was clear early on that creating best practices for both reporting badware and responding to badware reports would help streamline industry communication and get the bad stuff cleaned up more effectively,” said StopBadware executive director Maxim Weinstein. “The audiences for the two sets of practices differ, but the goal is the same—to shape the best possible path between those who have identified a problem and those in a position to take decisive action.”
StopBadware revealed last month that it had begun reporting badware URLs from its community feed in accordance with the first draft of the new Practices. The organization claims a 67% overall takedown/cleanup rate in response to their reporting methods; when the report recipients acknowledged receipt of those reports in accordance with StopBadware’s Best Practices for Web Hosting Providers, the takedown and cleanup rates jumped to 75%. “These best practices will help any security organization or individual expert with an interest in working quickly and collaboratively to mitigate the damage from badware URLs,” says Weinstein. “We’re excited to continue following the Practices in our own reporting for one simple reason: they work.”
StopBadware’s Best Practices for Reporting Badware URLs are available for download at http://www.stopbadware.org/reporting-best-practices.
StopBadware provides tools and information that assist industry and policymakers in meeting their responsibility to protect users from badware, and that help users protect themselves. It began as a project of the Berkman Center for Internet & Society at Harvard University before spinning off as a standalone nonprofit organization in 2010. Corporate partners include Google, PayPal, Mozilla, Verizon, and Qualys. StopBadware is based in Cambridge, Mass. For more information, visit www.stopbadware.org.
Anti-malware organization reports on systemic causes of and responses to badware threat
Cambridge, Mass., June 8, 2011 — Nonprofit anti-malware organization StopBadware announced today the release of its first State of Badware report. The report offers a macro view of recent trends in the badware landscape, examines factors that contribute to badware’s persistence, and evaluates the Internet ecosystem’s changing responses to the threat.
Badware is a defining challenge for individuals, businesses, and governments throughout the world. Cybercriminals have developed a mature badware economy in which individual computers and legitimate, reputable websites are turned into badware distribution vectors, often without the knowledge of their owners. The badware economy is complex, multi-layered, and versatile: badware increasingly evades detection or classification, transcends national boundaries, and adapts to the security industry’s attempts to excise it. “Security research statistics and media headlines frequently proclaim that badware is on the rise, but understanding badware’s prevalence requires a deeper examination of the interconnected systems it preys upon,” said Maxim Weinstein, StopBadware’s executive director. “The State of Badware examines the limitations of today’s approaches to understanding the badware problem and illustrates how unilateral approaches to security are insufficient to address the challenges faced by the Internet ecosystem.”
The State of Badware is intended as a resource to assist policymakers, businesses, and individuals in understanding the current badware landscape and how it is evolving. The report points out blind spots in the way people think about badware measurement and identifies weaknesses in the landscape. “At a micro level, badware targets flawed software and unsuspecting users,” said Weinstein, “but there are also broader issues of economic incentives and legal frameworks that allow cybercriminals to exploit the Internet ecosystem itself.”
StopBadware’s report identifies key areas for improvement and cites “an opportunity for policymakers and industry players” to create new and more centralized methods of measuring and responding to the badware threat. StopBadware is in the midst of several projects to improve the Web’s collective resistance to badware: the organization recently released a set of best practices for web hosting providers responding to malware reports, and is currently creating a set of best practices for malware reporting. StopBadware plans to develop a centralized tool for reporting and tracking malware URLs later this year.
Weinstein will be presenting key findings from The State of Badware at the 14th Annual New York State Cyber Security Conference today. The full report can be downloaded at http://www.stopbadware.org/files/state-of-badware-june-2011.pdf.
StopBadware provides tools and information that assist industry and policymakers in meeting their responsibility to protect users from badware, and that help users protect themselves. It began as a project of the Berkman Center for Internet & Society at Harvard University before spinning off as a stand-alone nonprofit organization in 2010. Corporate partners include Google, PayPal, Mozilla, Nominum, Verizon, and Qualys. StopBadware is based in Cambridge, Mass. For more information, visit www.stopbadware.org.
Philippe Courtot, CEO of Qualys, Joins StopBadware Board of Directors
Cambridge, Mass. and Redwood Shores, Calif., March 29, 2011—Qualys, Inc., the leading provider of software-as-a-service (SaaS) IT security risk and compliance management solutions, announced today that it is partnering with the non-profit anti-malware organization StopBadware. The two organizations will leverage one another’s strengths to bolster the Web’s collective defenses against malware. Qualys joins industry leaders including Google, Mozilla, PayPal, Nominum, and Verizon in supporting StopBadware.
Qualys and StopBadware share the philosophy that information sharing and collective action are necessary to fight the spread of malware. Qualys will support StopBadware’s efforts to combat website infections by providing funding, along with access to Qualys’ automated malware detection service (http://www.qualys.com/StopMalware) and other threat intelligence capabilities.
“Qualys’ track record as an industry leader is indisputable,” said Maxim Weinstein, StopBadware’s executive director. “The company brings not only considerable expertise to this partnership, but also data, research and tools that we at StopBadware are excited to utilize in expanding our reporting capabilities and strengthening our own initiatives to protect Internet users.”
StopBadware has, since its creation in 2006, worked to provide educational resources and an appeals process for webmasters whose sites have been blacklisted for badware content. Earlier this month, the organization released best practices that guide hosting providers in responding to malware reports. This report is available in full at http://www.stopbadware.org/web-hosting-best-practices.
“StopBadware is a much needed initiative as fighting malware cannot be done by any proprietary solutions that do not share intelligence. It must be built as a community effort in order to share and be able to act on such information,” said Qualys Chairman and CEO Philippe Courtot. “This is exactly what StopBadware’s mission is all about and we are proud to be associated with such an initiative.”
Courtot, who has been with Qualys since 2001, has also enthusiastically accepted an invitation to join the StopBadware Board of Directors. “Philippe is a highly respected member of the security community whose vision and expertise make him an ideal addition to the StopBadware Board,” said Michael Barrett, CISO of PayPal and chairman of StopBadware. “Philippe is committed to advancing StopBadware’s mission, and the entire Board welcomes him to the table.”
The StopBadware Board of Directors is chaired by PayPal Chief Information Security Officer Michael Barrett, and includes Vint Cerf (Google), Esther Dyson (EDventure), Paul Mockapetris (Nominum), Mike Shaver (Mozilla), John Morris (CDT), and Executive Director Maxim Weinstein.
StopBadware provides tools and information that assist industry and policymakers in meeting their responsibility to protect users from badware, and that help users protect themselves. It began as a project of the Berkman Center for Internet & Society at Harvard University before spinning off as a stand-alone nonprofit organization in 2010. StopBadware recently released a set of best practices for web hosting providers responding to malware reports. A report on the state of badware is expected in April of 2011. StopBadware is based in Cambridge, Mass. For more information, visit www.stopbadware.org.
Qualys, Inc. is the leading provider of on demand IT security risk and compliance management solutions—delivered as a service. Qualys’ Software-as-a-Service solutions are deployed in a matter of hours anywhere in the world, providing customers an immediate and continuous view of their security and compliance postures.
The QualysGuard® service is used today by more than 5,000 organizations in 85 countries, including 47 of the Fortune Global 100, and performs more than 500 million IP audits per year. Qualys has the largest vulnerability management deployment in the world at a Fortune Global 50 company, and has been recognized by leading industry analysts for its market leadership. Qualys was recently named Best Security Company in the Excellence Awards category of the 2011 SC Awards U.S.
Qualys has established strategic agreements with leading managed service providers and consulting organizations including BT, Etisalat, Fujitsu, IBM, I(TS)2, LAC, NTT, SecureWorks, Symantec, Tata Communications and TELUS. Qualys is a founding member of the Cloud Security Alliance (CSA).
For more information, please visit www.qualys.com.