Sunday, October 26, 2008

New Wave of "Zombies" Intensifies Web Attacks

I recently read this article regarding “botnets” and “zombies” and found it pretty disturbing. It discusses the vulnerability of any computer connected to the internet. Although network security professionals constantly insist on the use of detection programs and firewalls to protect your computer, these are not always enough. In a matter of minutes an unprotected computer can be turned into a “zombie” by automated programs that lurk on the internet waiting to take over computers. A “botnet” is formed by taking multiple “zombie” computers and linking them together. This network is then used to search for sensitive information, send spam e-mail, and turn other computers into “zombies”.

While none of this surprised me, some of the statistics did. Although security professionals, such as those at Microsoft, have drastically decreased the number of detected botnets from about 500,000 to 300,000 in 2008, botnets are still causing a large amount of damage. A single botnet is capable of controlling millions of computers. A study by a computer security firm called Secunia found that detection programs have limited effectiveness. The most effective program they tested only caught 64 of 300 ways in which the computer was vulnerable to malware. I found that to be an unsettling number. I knew that detection software didn’t catch everything, but I’m surprised that even the best program only detects a little over 20 percent of the vulnerabilities.

Some of the new “features” of botnets are even more intriguing. One particular botnet actually activated Microsoft Windows Update on computers that it took over in order to wipe out competing malware. Other botnets even install anti-spyware software on the computers they infect in order to ensure their sole control of the machine. With more advanced features such as these, botnets are becoming increasingly difficult to find and therefore destroy. Although there are organizations such as the International Botnet Task Force that are attempting to fight against these attackers, they face a number of challenges. For example, depending on the source of the botnet, it may be outside the legal jurisdiction of the United States. However, Microsoft teams, among others, are doing everything that they can to prosecute the people creating these botnets.

http://www.toptechnews.com/story.xhtml?story_id=1200044YU4Y0&page=1

1 comment:

  1. I just found some positive news regarding botnets, so I thought I’d post the update. Recently, the FBI arrested eight people who were involved in botnet attacks. The FBI was running a campaign called “Operation Bot Roast” that focused on finding the attackers who set up botnets, totaling $20 million in scams. Among those arrested were a 21-year-old named Ryan Brett Goldstein and a teenager from New Zealand who were suspected of working together. They hit the University of Pennsylvania with a denial of service attack as well as a large-scale botnet attack. Several others were arrested for running botnet operations as well. A 26-year-old named John Schiefer was arrested for his work in the “botnet underground” including data theft. Two others were arrested for a large-scale phishing scam that targeted businesses.
