Malware & Botnet initiative

Overview


The Malware & Botnet initiative from the FBI's National Cyber-Forensics and Training Alliance

"is dedicated to better understanding the technology and identifying individuals or groups who utilize malicious code to enable crimes. The NCFTA maintains a collection of data regarding malicious code incidents, the network architecture being utilized to execute the schemes, and the communication channels implemented in these architectures.

NCFTA technical teams analyze this data to, among other things, identify criminal hosting providers that allow malicious code to be distributed through their servers. The data is also correlated with other datasets in order to link malicious code incidents with other cyber crimes, such as brokerage fraud, economic espionage, phishing and other types of credential theft. In doing so, the NCFTA seeks to identify trends or patterns within the data repository that will help to better detect such threats in the future and to assist in mitigation and neutralization efforts together with NCFTA partners.

To further advance this initiative, NCFTA analysts participate in a number of operational security communities and working groups that focus on cyber threats associated with malicious code. In doing so, NCFTA staff members continually seek to strike a delicate balance between monitoring for investigations and aggressive mitigation when appropriate, to protect partners and other US economic interests."