OECD Open Forum on Malware

14 November 2007 - A Open Forum on Security in Rio de Janeiro, Brazil


Participants in the OECD Open Forum on Malware will include: the Governement of Australia, the Government of Malaysia, The Messaging and Anti Abuse Working Group (MAAWG), Council of Europe, Internet Corporation for Assigned Names and Numbers (ICANN), Microsoft, and Patrik Falstrom (as moderator).

Additional Information

The need to strengthen security in the online environment is more pressing than ever due to the continued growth of economic and social activities conducted over the Internet and the increased severity and sophistication of cybercrime activity.

Malicious code and programmes, commonly known as “malware”, are a key component in the broader cyberattack system and have evolved over the last twenty years from occasional ‘exploits’ to a global multi-million dollar criminal industry. Still on the rise, malware is a shared concern for governments, businesses, consumers and civil society, and more broadly a threat to the future of the Internet economy. In particular, the past five years have brought an unprecedented surge in the use of malicious means to attack information systems for the purpose of gathering information, stealing money and identities or even denying users access to essential electronic resources.

As announced at the IGF meeting in Athens, Greece, the OECD’s Working Party on Information Security and Privacy (WPISP) began in 2006 to examine the issues of malware in cooperation with the Asia Pacific Economic Cooperation Telecommunication and Information Working Group (APEC TEL). This work was undertaken with the goal of informing policymakers of the impacts of malware, cataloguing data trends in malware growth and evolution, examining the economics of malware and the business models behind malicious activity involving malware, evaluating existing technical and non-technical countermeasures to combat malware; and, outlining recommendations to fill gaps and secure information systems from the threat of malware. The OECD and APEC TEL plan to publish the results of this work in an analytical report on malware in early 2008 and bring the issues of malware and recommendations for addressing them to the OECD Ministerial on the Future of the Internet Economy (17-18 June 2008) to be held Seoul, Korea.

The OECD Open Forum on Malware at the IGF will consist of a Panel discussion among representatives from government, civil society, internet service providers, the domain name community, the private sector security community (security and software vendors), the incident response community, and law enforcement. It will seek to raise awareness of some of the main issues associated with malware, highlight some of the challenges to addressing these issues and discuss options to be considered.

The agenda for the OECD's Open Forum will be as follows:


Introductory Topic Speaker/presenter
10 min Introductory remarks



60 min Malware Panel

Moderator – Patrik Fältström


Government 1


Colin Oliver

Government 2  


Shamsul Jafnie Shafie

Legal frameworks

Council of Europe

Marco Gercke/Jean-Charles de Cordes

Internet Service Provider


Jonathan Curtis

Domain Name Community


Paul Twomey

Software Developer


David Pollington

15 min Q&A



5 min Closing Remarks