US starts to tackle hacking curse

A simple click of the mouse can open a door to a criminal hacker who – unknown to the computer owner – can then remotely control a machine, making it divulge bank account numbers, passwords and corporate secrets. A network of such remote-controlled machines – known as a botnet – can launch attacks on websites for political or commercial reasons. This year, activist hackers used botnets to temporarily take websites of the CIA and the UK’s Serious Organised Crime Agency offline. Botnets have previously been used to silence official and media sites and sow confusion during the 2008 armed conflict between Russia and Georgia.

The US, by some estimates, has more computers infected with botnet programs, than any other country. But as different parts of the computing industry have blamed one another for the spread of botnets, the US has only now taken its first steps to tackle the problem. Late last month, the commerce and homeland security departments asked for public comments on whether they should encourage internet service providers – which know the condition of their customers’ machines – to voluntarily warn their subscribers if they appear to have been compromised. As the US has lagged, other countries have moved ahead. Since 2007, most internet service providers in Japan have notified consumers if their machines appear to be part of a botnet and offered government-funded tools to clean the computers. This voluntary program, which costs only $5 million annually, has reduced the rate of botnet infection from about 2.5 per cent of personal computers to just 0.6 per cent.