Cybersecurity Groups Launch “Chain of Trust” Initiative to Combat Malware


WASHINGTON, May 19, 2009 — Three of the world’s leading cybersecurity groups today launched a new initiative to combat malicious software (malware) by establishing a “Chain of Trust” among all organizations and individuals that play a role in securing the Internet.

Developed by the Anti-Spyware Coalition (ASC), National Cyber Security Alliance (NCSA) and, the Chain of Trust Initiative will link together security vendors, researchers, government agencies, Internet companies, network providers, advocacy and education groups in a systemic effort to stem the rising tide of malware.

Applying many of the same approaches used to bring nuisance adware under control, Chain of Trust Initiative aims to establish a united front against a threat continues to grow exponentially. Kaspersky Labs recently reported that malware distributed through social networking sites is successful 10 times more often than scams distributed via email.

“Strong security in any one organization or sector is not enough to combat an agile, fast evolving threat like malware, which exploits security breakdowns between entities,” said Ari Schwartz, ASC Coordinator and Vice President of the Center for Democracy & Technology (CDT). “We all need to work together to build a system that withstand and repel the next generation of exploits.”

The first order of business in the Chain of Trust Initiative is to map the complex, interdependent network of organizations and individuals that make up the chain. Only by identifying all the vulnerable links and understanding how they connect to one another can malware fighters get a handle on the problem and begin to develop consensus solutions.

“Online safety and security is a shared responsibility that requires the involvement of governments, corporations, non-profit institutions and citizens,” said Michael Kaiser, Executive Director of the NCSA. “The Chain of Trust Initiative will focus furthering the development of tools that provide better protections. However, we must also continue to ensure that all of us implement universal behaviors online that protect us against a multitude of threats.”

ASC, NSCA and will lead the mapping effort and jointly develop ideas and initiatives to form stronger bonds between links on the chain. Leaders of the initiative have already begun reaching out to key players and identifying critical areas for collaboration. In the next six months, the Chain of Trust Initiative will produce a paper tracking the results of the mapping project and propose initial recommendations to strengthen the chain.

“Organization and collaboration are our best tools against an enemy that doesn’t play by any rules,” said manager Maxim Weinstein. “Just by nature of how the Internet works, malware distributors have a technological advantage, but we can respond by strengthening our shared networks and by better understanding our shared responsibilities.”

About the Anti-Spyware Coalition: The Anti-Spyware Coalition (ASC) is a group dedicated to building a consensus about definitions and best practices in the debate surrounding spyware and other potentially unwanted technologies. Composed of anti-spyware software companies, academics, and consumer groups, the ASC seeks to bring together a diverse array of perspective on the problem of controlling spyware and other potentially unwanted technologies.

About National Cyber Security Alliance: The National Cyber Security Alliance is a non-profit organization. Through collaboration with the government, corporate, non-profit and academic sectors, the mission of the NCSA is to empower a digital citizenry to use the Internet securely and safely protecting themselves and the cyber infrastructure. NCSA works to create a culture of cyber security and safety through education and awareness activities. Visit for more information.

About is a partnership among the academic community, consumer groups, technology industry leaders, and volunteers committed to protecting Internet users from threats to their privacy and security caused by bad software. is led by Harvard University’s Berkman Center for Internet & Society. The initiative is supported by Google, PayPal, Mozilla, AOL, and Trend Micro. For more information, please visit