Another take down of the world third largest botnet (after Cutwail and Lethic), called GRUM and this time roughly 18 percent of global spam, or 18 billion spam messages a day was reported on Wednesday, 18 July 2012, according to NY Times. The C&C servers pointing to IP addresses 18.104.22.168 and 22.214.171.124 have identified by FireEye researchers with the help of Dutch authorities and these IP addresses are Russian and Panama IP addresses, respectively. GRUM botnet has been around since 2008 according to FireEye security researcher. When the 2 servers was taken down by the Dutch authorities, the bot herders quickly move their C&C servers to Ukraine and the Panama servers were removed immediately by the bot herders. Even tough we have successfully taken down GRUM but the world has not yet free from SPAM and worst, one botnet died, 3 more botnet sprang up. At the end, we need to catch those coders and put them behind bars, as quoted by Jose Nazario, a senior security researcher from Arbor Networks.
U.S., through the arm of NIST, is now leading The National Initiative for Cybersecurity Education (NICE) program to establish an operational, sustainable and continually improving cybersecurity education program for the nation to use sound cyber practices that will enhance the nation’s security. The strategic plan is publicly distributed here. The overall plan can be viewed below:
Comments on the NICE draft strategic plan are due by September 12, 2011. NIST’s federal partners that contributed to the plan include the Department of Homeland Security, the Department of Defense, the Department of Education, the National Science Foundation, the Office of Personnel Management and the National Security Agency.