Are rogue botnets imperiling the Internet?
Botnets, and the worms, Trojans, and DDoS attacks they are responsible for, are worrying many IT professionals, and most spam is sent out by botnets as well. The threat from the Conficker worm alone has become serious enough that the New York Times put a story about it on its front page today. The story begins:
Like a ghost ship, a rogue software program that glided onto the Internet last November has confounded the efforts of top security experts to eradicate the program and trace its origins and purpose, exposing serious weaknesses in the world’s digital infrastructure.
The story makes it clear how even determined computer experts find it very difficult to counteract a sophisticated malware attack. The fact is that the combination of insecure Windows software, hundreds of millions of unwary and untrained PC users, and savvy malware writers has created a problem that can only grow worse. Not even the combined efforts of university researchers, law enforcement officials, and computer experts at more than two dozen Internet, software and computer security firms have stopped Conficker. The Times story says:
The program, known as Conficker, uses flaws in Windows software to co-opt machines and link them into a virtual computer that can be commanded remotely by its authors. With more than five million of these zombies now under its control — government, business and home computers in more than 200 countries — this shadowy computer has power that dwarfs that of the world’s largest data centers.
No one has an easy answer to the problem, although Steven Vaughan-Nichols writes:
This is only going to get worse. Windows’ insecurity has allowed millions of PCs to turn into soldiers in botnet armies. Most of the time, their controllers are happy to let these systems quietly churn out hundreds of millions of spam e-mails a day. Or, as in the case of the Clampi Trojan, which has infected up to a million Windows PCs, silently steal credit card information.
Now, however, botnets are being used for more than just the criminal activities of social misfits eager to make a quick buck off of naive users. They’re being used to attack businesses, countries and, in the case of the attack that busted up the social networks this month, one individual, a pro-Georgia blogger.
Think about that. Every major Western social network was brought to its knees because a small group of people were ticked off at one guy.
We can’t let this continue. Catching the botnet masters has proved to be close to impossible. So we’re going to have to try another approach.
The only way I can see of doing it is to choke off the botnets. Since all — I repeat all — botnets run on poorly secured Windows systems, I think Internet service providers have to either block compromised PCs from getting to the Internet in the first place or force-feed security upgrades into them.