Online-Casinos.com - News


DDoS Zombies Could Number 11 Million


Published: Friday, December 17, 2004 Online-Casinos.com


Busting the botherds and botnets could be the key...

The Independent newspaper carried fascinating new information on the criminal wave of Distributed Denial of Service extortion attacks that have become such a serious threat to all online industries.

Although many of the cases the newspaper used to illustrate the story have been previously reported, it contained interesting new information, for example the case of a US businessman (now a fugitive from justice) who hired a *botherd* with an army of 10 000 *zombie* PCs to attack a competitor's business in the States.

The revelations that there are an estimated 11 million zombie PCs around the world, and that 25 percent of the National Hi-Tech Crime Unit's caseload in the UK is *bot* related, are alarming new statistics.

Detective Chief Superintendent Mick Deats, the head of the National Hi-Tech Crime Unit (NHTCU), has an impossible task, The Independent reports. How does he defend the UK against attacks from 11 million PCs around the world? The problem with "botnets" (as groups of these machines are known) is becoming serious. "One indication of the increase in organised crime groups' use of botnets is that 25 per cent of our work revolves around this area of criminality, and that looks likely to increase," Deats says.

So how do botnets work? A bot is a hidden remote-control program loaded on to your computer without your consent, and increasingly used for villainous purposes. Under the control of a "botherd", the botnet can be anything from a few hundred to tens of thousands of machines. Large botnets pack a mighty electronic punch when the combined bandwidth attacks a website, denying access to legitimate users. Botnets send out spam, carry out identity theft, mount "phishing" scams (getting people to divulge personal information and data) or disseminate new malware (malicious software, designed to damage or disrupt a system).

"Botnets are attractive to hi-tech criminals because they can be reconfigured to commit different crimes and reprogrammed in response to new security developments, and particularly because criminals can use them to commit offences on a massive scale," Deats says.

A botherd may control different types of bot. They swap information, services or favours, and read underground hacker publications on how to make money from their botnets. Botherds will even patch your computer with the latest Microsoft security updates to prevent other botherds from stealing it. And one-line commands initiate massive attacks from as many as 75,000 bots simultaneously.

This is what the NHTCU is now afraid of: that serious organised crime will pay hackers to write more powerful bots. Worryingly, it has noted denial-of-service extortion attacks on other kinds of firm as the online gaming industry strengthens its defences and refuses to pay up. The NHTCU also strongly advises home PC users to install the latest software patches and anti-virus software and a firewall.

AOL does more than most internet service providers to curb the botnet menace. Broadband customers have free McAfee firewall software, backed by central virus and spam scanning. An AOL spokesman claims that other ISPs face problems: "Most ISPs could, at peak, be experiencing hundreds of compromised accounts each day; probably more among those ISPs that don't have a strong security focus."

The head of threat analysis at Symantec, Nigel Beighton (he's also the company's director of enterprise strategy), knows all about user laziness. The company reckons that 30,000 new machines are recruited as bots every day, although its Norton software products will repel viruses, worms and malware. "It's now quite common for us to see that denial-of-service attacks are sophisticated and can be controlling 30,000 bots at a time," Beighton says.

Matt Sergeant, a senior anti-spam technologist at Messagelabs, also understands the problem. From its work in filtering spam and viruses, Messagelabs reckons that 70 to 90 per cent of spam is sent by botnets. Sergeant says his company works with law enforcement to seek justice, even though this runs the risk of becoming a target of some "particularly nasty" people.

The problems for law enforcement don't get any easier. Botnet technology has combined with phishing, another major concern for the NHTCU. Phishing fools 5 per cent of recipients into divulging bank details, credit-card numbers, user names and passwords. According to the Anti-Phishing Working Group, the number of spoof websites that are hosted on compromised broadband PCs has risen by more than 50 per cent. The sites are quickly switched around, suggesting that some degree of automation is involved. And the phishing e-mails are already sent out by botnets.
