Battling the Botnet Pandemic

[annarere1960]

Your home computer may be among the millions of PCs that are under the control of criminals, and worse yet, you may not even be aware of it.

Botnets, networks of compromised computers that hackers have commandeered, are one of the most serious and uncontrolled Internet problems of 2007, with experts warning that their rampant rule puts the Internet's future in danger.

Between 100 million and 150 million of the 600 million PCs on the Internet are under the control of hackers, estimated Vint Cerf, known as one of the "fathers of the Internet." In a panel discussion on the future of the Internet at January's World Economic Forum, Cerf, who co-developed the TCP/IP protocol that is at the base of Internet traffic, equated the spread of botnets to a disease that has reached a "pandemic" scope.

While most everyday computer users may be unaware of botnets, their effects show up all over the Net. Botnets are part of the multilayered and profitable crimeware industry, where the initial step is to infect and take control of a targeted computer.

"Computer users are often lured into installing software that they think is necessary for a download, and unknowingly install malicious software at the same time," says Christopher Allansson, Manager of the Lavasoft Security Center.

With the number of infected computers on the rise and no clear solution in sight, botnets threaten the cyber-world with real-life results.

Bot herders, the hackers who control botnets, can instruct thousands of computers to follow their orders, whether it's to propagate spam messages, launch fraud schemes or to issue denial of service attacks, targeting certain, often high-profile, websites in order to make them unavailable to users.

Once bot herders compile a group of compromised machines, they can sell it to fraudsters who are then capable of using the exploited machines for identity and data theft. An exploit can be sold for anywhere from $200 to $50,000 US dollars, Chad Harrington of FireEye told CIO Today.

The Internet's structure and resiliency has allowed it to keep functioning, in spite of attacks against it.

One of the most significant assaults on the Net, the February 7 distributed denial of service attack against domain name system (DNS) servers that manage global computer traffic, appears to have been the work of a botnet, experts say. At least two of the 13 DNS root servers were briefly overwhelmed, but Internet service was not disrupted.

Even with its known stability, researchers say an answer to the botnet problem must be found in order for the Web to survive. Improved operating system security and user authentication may help to alleviate the botnet threat, but neither is a failsafe solution.

The future may even see "disposable virtual PCs," accessed through the Internet, to cut down on the threat of virus infection, Michael Dell, the founder of Dell computers, said.

Whatever the solution, it is likely to take a coordinated effort to get the problem under control. According to Hamadoun Toure, secretary general of the International Telecommunications Union and panellist at the World Economic Forum, the botnet fight is a "war" that can only be won by cooperation between regulators, governments, security firms, telecom providers, and computer users.

"A step computer users should take, along with keeping their anti-virus and anti-spyware software up-to-date, is to always be aware of what they are downloading," Allanson said. "You should never install software if you are unsure of the vendor. If you have doubts, submit suspicious files to a free scanner service like Virustotal.com for an analysis."
_________________
The heaviest baggage for a traveler is an empty wallet.

[tkboxer]

I read this too and was amazed at the number of computers that have been "overtaken"
One of the latest tricks by the bad guys appear to be emails announcing you've won a $500 gift certificate to a well known retailer, of course once you open that email there will be a link in it that will either cost your identity or turn your computer into a "bot".
These guys are so smart and all it takes is one slip on your part and at the least you'll be reformatting your machine or worse...you could be calling creditors saying, "I never made those purchases, thats not me."
_________________
No matter how many times you try...you can't clone the dirt off your screen.

[GEORGIEBOY26]

this is SCARY
_________________
I USED TO BE INDECISIVE, BUT NOW I,M NOT TO SURE....

[Boneapart]

[chefjoe]

yep, so true. i can no longer use Pay Pal, cause of constant messages trying to get info from me that mimic pay Pal perfectly. Since i've been unable to get pal pal to close my account, I've had to destroy my CC's used there and simply no longer use the service. So yes be careful, very very careful out there.

[tkboxer]

[GEORGIEBOY26]

never use a link in email about paypal,always go straight to site from your browser, I have had lots of strange mssges supposedly from them but always ignore them.....I think the service is ok if used properley.
_________________
I USED TO BE INDECISIVE, BUT NOW I,M NOT TO SURE....

[dooleytool]

I used to think people caught by the early versions of these scams were getting what they deserved for their greed/stupidity but now they are becoming so clever you have to be very careful and read exactly what it is you have just received,before doing anything.
Remember the main rules..if its too good to be true...its not.If its from ANY bank/online money vendor , or anything like that and asking for confirmation of details,go to this link,or anything like that then it is VERY likely its a fraudulent e-mail.