NTIA Releases Cybersecurity Report

The National Telecommunications & Information Administration has released a report on botnets, DDoS attacks and other cyber threats.

The report was based on over 40 responses to NTIA's request for comments on those attacks, which was issued last June. A final report that incorporates the NTIA report is due to the President by May 11, 2018.

NTIA got 47 responses, including from NCTA-The Internet & Television Association, with what the agency said were several broad themes: addressing risks is a shared responsibility; distributed, automated attacks are linked to other threats; they are global and require international cooperation.

Related: International Communications Privacy Bill Reintroduced

NTIA said the commenters "resoundingly" endorsed voluntary, consensus-based and community-led processes, including the National Institute of Standards & Technology and NTIA's privacy multi-stakeholder processes.

There were also strong voices against too large a regulatory role by government, but others said that the lack of existing security protection and the lack of market incentives to adopt them meant there was greater need for "policy interventions."

Securing internet of things (IoT) devices was a big concern, as was just how that could happen with the not-yet-mature marketplace.

Related: Equifax Hearing Slated for Oct. 3

They agreed that “more tools and better, more widely adopted practices are needed." They also agreed that being able to get together on a solution was key.

"Stakeholders emphasized the importance of information sharing and collaboration between infrastructure providers, defensive security services that protect against DDoS attacks, and the victims of these attacks," said the report.

NTIA said stakeholders held out hope for addressing botnets between the ISP and the device, and said that one place for "active" government involvement was disrupting networks generating distributed automated attacks.

A draft of the overall report, including input from a NIST workshop and a National Security Telecommunications Advisory Committee’s (NSTAC) Internet and Communications Resilience (ICR) subcommittee report on the issue, will be released for 30 days of public comment on Jan. 5, 2018.

John Eggerton

Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.