APWG Advisory: Routinized Desktop and Device Intervention and Remediation

Illuminating four model programs for mass-scale cleansing of co-opted computing devices

CAMBRIDGE, Mass.--()--To increase end user awareness on programs to clean infected machines, the APWG has released its latest Technical Policy Advisory: Routinized Desktop Intervention and Remediation. Focusing on benefits, user experience and costs, the report provides an in-depth examination of four model programs that have been successfully utilized by consumers and enterprises for the cleaning of corrupted computing devices.

Cyber criminals are infecting innocent victims’ computing devices with crimeware at an alarming rate and with enormous costs. Technology solutions alone have not worked to rid the Internet of the danger of infected desktop computers and mobile devices to deny computing resources to criminal enterprises. Complimenting advanced security technology, empowering users with facile tools, knowledge and further education is vital for a formulated defense.

By analyzing the discovery and remediation methods from four entities - National CERT (Computer Emergency Response Team), NGOs (Non-Governmental Organizations), Trade Associations, and Commercial Internet Service Providers (ISPs) - the report examines proven approaches which can be replicated with highly effective results, coupled with minimal deployment cost and end-user effort.

"The four organization profiled are examples of those that have provided working models that can be readily emulated by enterprises interested in providing structured interventions for neutralizing malware and botnets," said April Lorenzen, APWG Research Fellow and director of Dissect Cyber. "Each has sought to empower users with solutions for cleaning up their machines while providing education about how to prevent additional infection. This approach aids in removing computer cycles from criminal control and making the larger networked community more resilient against all types of attacks."

  • National CERT - Started in 2006, the Cyber Clean Center project provides ISPs with proprietary data to help them identify infected customers. Initially started with eight large ISPs is 2006, the CCC quickly grew to what is now 72 participating ISPs.
  • NGO - In 2010, the iCode initiative began in Australia. The aims of iCode are centered around four cyber security principles of Education, Detection, Action and Reporting. Today over 90% of Australia’s Internet users are served by an iCode compliant ISP.
  • Trade Association - In 2010 the Anti Botnet Advisory Center (ABAC) began operations in Germany. ABAC is unique in that it offers telephone support where users can be talked through solving their infection problems where possible. Additionally, ABAC distributes a bootable CD which can automatically clean the infected users computer.
  • Commercial ISPs - ISPs have also started programs to detect, notify, and help customers sanitize infected computers. In the United States, AT&T, Cox, Sprint, Time Warner Cable, Verizon, CenturyLink and Comcast either have a working program or have pledged to create one.

Each of these profiled programs has seen major success in the two-tier approach that helps users clean up infected machines while providing all necessary education. The full text of the report and in-depth program analysis is available here: http://docs.apwg.org/reports/APWG_Model_Desktop_Clean_Up_Programs_NOV_2013.pdf

About the APWG

The APWG, founded in 2003 as the Anti-Phishing Working Group, is the global industry, law enforcement, and government coalition focused on unifying the global response to electronic crime. Membership is open to qualified financial institutions, online retailers, ISPs and Telcos, the law enforcement community, solutions providers, multi-lateral treaty organizations, research centers, trade associations and government agencies. There are more than 2,000 companies, government agencies and NGOs participating in the APWG worldwide. The APWG's www.apwg.org and education.apwg.org websites offer the public, industry and government agencies practical information about phishing and electronically mediated fraud as well as pointers to pragmatic technical solutions that provide immediate protection. The APWG is co-founder and co-manager of the STOP. THINK. CONNECT. Messaging Convention, the global online safety public awareness collaborative www.stopthinkconnect.org and founder/curator of the eCrime Researchers Summit, the world’s only peer-reviewed conference dedicated specifically to electronic crime studies www.ecrimeresearch.org. APWG.EU, the APWG’s European Union chapter, was established in October, 2013 as non-profit research foundation headquartered in Barcelona, Spain.

Among APWG's corporate sponsors are as follows: Afilias Ltd., Agari, AhnLab, AT&T(T), Avast!, AVG Technologies, BBN Technologies, Barracuda Networks, BillMeLater, Bkav, Blue Coat, BrandMail, BrandProtect, Bsecure Technologies, CSC Digital Brand Services, Check Point Software Technologies, Comcast, CSIRTBANELCO, Cyber Defender, Cyveillance, DigiCert, Domain Tools, Donuts.co, Easy Solutions, eBay/PayPal (EBAY), eCert, EC Cert, ESET, EST Soft, Facebook, Fortinet, FraudWatch International, F-Secure, GAS Tecnologia, GlobalSign, GoDaddy, Google, GroupIB, Hauri, Hitachi Systems, Ltd., Huawei Symantec, IEEE Standards Association, ICANN, Iconix, IID, IronPort, ING Bank, Intuit, Internet.bs, IT Matrix, Kindsight, LaCaixa, Lenos Software, MailShell, Malcovery, MarkMonitor, M86Security, McAfee (MFE), Melbourne IT, MessageLevel, Microsoft (MSFT), MicroWorld, Mirapoint, NHN, MyPW, nProtect Online Security, Netcraft, Network Solutions, NeuStar, Nominet, Nominum, Public Interest Registry, Panda Software, Phishlabs, Phishme.com, Phorm, Planty.net, Prevx, Procera, Proofpoint, QinetiQ, Qihoo 360, Return Path, RSA Security (EMC), RuleSpace, SAIC (From Science to Solutions), SalesForce, SecureBrain, S21sec, SIDN, SiteLock, SoftForum, SoftLayer, SoftSecurity, SOPHOS, SunTrust, SurfControl, Symantec (SYMC), Tagged, TDS Telecom, Telefonica (TEF), TransCreditBank, Trend Micro (TMIC), Trustwave, Vasco (VDSI), VeriSign (VRSN), Websense Inc. (WBSN), Wombat Security Technologies, Yahoo! (YHOO) and zvelo.

Contacts

Media:
APWG
Peter Cassidy, +1 617-669-1123
pcassidy@apwg.org

Release Summary

APWG report provides an in-depth examination of four model programs that have been successfully utilized by consumers and enterprises for the cleaning of corrupted computing devices - at little cost.

Contacts

Media:
APWG
Peter Cassidy, +1 617-669-1123
pcassidy@apwg.org