Battling the Botnet Pandemic
Your home computer may be among the millions of PCs that are under the control of criminals, and worse yet, you may not even be aware of it.
Botnets, networks of compromised computers that hackers have commandeered, are one of the most serious and uncontrolled Internet problems of 2007, with experts warning that their rampant rule puts the Internet's future in danger.
Between 100 million and 150 million of the 600 million PCs on the Internet are under the control of hackers, estimated Vint Cerf, known as one of the "fathers of the Internet." In a panel discussion on the future of the Internet at January's World Economic Forum, Cerf, who co-developed the TCP/IP protocol that is at the base of Internet traffic, equated the spread of botnets to a disease that has reached a "pandemic" scope.
While most everyday computer users may be unaware of botnets, their effects show up all over the Net. Botnets are part of the multilayered and profitable crimeware industry, where the initial step is to infect and take control of a targeted computer.
"Computer users are often lured into installing software that they think is necessary for a download, and unknowingly install malicious software at the same time," says Christopher Allansson, Manager of the Lavasoft Security Center.
With the number of infected computers on the rise and no clear solution in sight, botnets threaten the cyber-world with real-life results.
Bot herders, the hackers who control botnets, can instruct thousands of computers to follow their orders, whether to propagate spam messages, launch fraud schemes, or issue denial-of-service attacks that target certain, often high-profile, websites in order to make them unavailable to users.
Once bot herders compile a group of compromised machines, they can sell it to fraudsters who are then capable of using the exploited machines for identity and data theft. An exploit can be sold for anywhere from US$200 to US$50,000, Chad Harrington of FireEye told CIO Today.
The Internet's structure and resiliency have allowed it to keep functioning, in spite of attacks against it.
One of the most significant assaults on the Net, the February 7 distributed denial of service attack against domain name system (DNS) servers that manage global computer traffic, appears to have been the work of a botnet, experts say. At least two of the 13 DNS root servers were briefly overwhelmed, but Internet service was not disrupted.
Even with its known stability, researchers say an answer to the botnet problem must be found in order for the Web to survive. Improved operating system security and user authentication may help to alleviate the botnet threat, but neither is a failsafe solution.
The future may even see "disposable virtual PCs," accessed through the Internet, to cut down on the threat of virus infection, Michael Dell, the founder of Dell computers, said.
Whatever the solution, it is likely to take a coordinated effort to get the problem under control. According to Hamadoun Toure, secretary general of the International Telecommunications Union and panellist at the World Economic Forum, the botnet fight is a "war" that can only be won by cooperation between regulators, governments, security firms, telecom providers, and computer users.
"A step computer users should take, along with keeping their anti-virus and anti-spyware software up-to-date, is to always be aware of what they are downloading," Allansson said. "You should never install software if you are unsure of the vendor. If you have doubts, submit suspicious files to a free scanner service like Virustotal.com for an analysis."