- +
Your World. . . Hacked 02/10/2007 10:51:23
As your business becomes more collaborative and global, the risks to your company’s trade secrets rise proportionally. Fortunately, there are new strategies to protect the data that allows you to competeThe call to Bob Bailey, an IT executive with a major US government contractor, came on an otherwise ordinary day in October 2003. "Why are you attacking us?" demanded the caller, an IT leader with a Silicon Valley manufacturer. He wanted to know why Bailey's company had launched a denial-of-service attack against his network - +
Doing Your Sums on . . . Build, Buy or Rent 05/11/2007 13:32:30
You’re trying to build a world-class IT team, but everyone’s going after the same talent pool. What mix works best? Should you grow your own, draft your players or barter your way to the line-up you want to field?CIOs should never forget that while new technologies have a maturity cycle, the maturity cycle for human beings in IT is even longer
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Market Trends: Multienterprise/B2B Infrastructure Market | Worldwide | 2008
Why Security SaaS Makes Sense Today
Web Security SaaS: The Next Generation of Web Security
Radicati Market Quadrant 2008 on Corporate Web Security
Dude! You Say I Need an Application-Layer Firewall?!
Still Sneaking In: The Threats Your Security Tools Aren't Telling You About
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
If there's one thing that Aaron Kornblum would like to quash, it's the botnet armies.
These are the remote-controlled PCs that have been taken over without their user's knowledge. Symantec counted more than 4.5 million [m] of them during the first six months of the year, and according to Kornblum, they are the backbone of today's cybercrime.
"Botnets are really where it's at for serious cyber criminals, because of their concentrated power," said Kornblum, a senior attorney with Microsoft's Internet Safety Enforcement team. "That power can be used for all sorts of malicious conduct on the Internet."
These armies of compromised computers are behind such scourges as spam, phishing and denial of service attacks. More recently, the bad guys have been using botnets to boost Web advertising billings by automatically clicking on Internet ads, a practice known as clickfraud.
Kornblum is on a team that was created in 2002 to help crack down on cybercrime. A splinter group of three Microsoft employees who had been working on software piracy and counterfeiting, the team initially focused on computer viruses and spam. But it has since grown into a 65-person operation that has tackled child pornography, typo-squatting and, of course, the botnet threat.
Over the past year, Kornblum's group has helped law enforcement crack down on worldwide phishing scams, helping, for example, to take down a Bulgarian gang that had been spoofing Microsoft's own customer service team.
"Unfortunately, we continue to see phishing as a serious threat," Kornblum said.
Phishers have been getting more sophisticated and better at reproducing trusted Web sites. And lately they've also been taking on new targets that may not have the resources of major e-commerce or financial players.
"They're moving away from the top banking brands like Citibank ... and they're moving down to mid-level and smaller-market financial institutions like credit unions and community banks, which may not have done as much consumer education," Kornblum said.
Botnets are changing the economics of cyber crime, according to Daniel Druker, executive vice president of marketing with Postini. "I call it grid computing gone bad," he said.
The botnet networks have emerged as the number one source of spam over the past year, giving spammers access to virtually unlimited bandwidth, he said.
Because spammers no longer have to pay for the messages they send, they can e-mail larger documents, such as image files, he said. And the bad guys have been able to use these distributed networks to make it harder for vendors such as Postini to identify and block spamming computers.
There typically are about 50,000 computers sending spam and malicious content at any given moment, Druker said. Usually, these computers will pop up and operate for about 45 minutes, and then go silent, making it hard for them to be identified.
A few years ago, Bill Gates predicted that the spam problem would be solved by the end of 2006, a prediction that proved to be seriously off the mark.
Kornblum, for his part, declined to guess when the botnet problem will be solved.
"The only certainty is that the problems and challenges will continue to evolve," he said. "They're all unique, though they're interrelated, certainly ... but botnets are the most dangerous at present, because of their power."
Computerworld Member Login
IT Security as a business enabler?
Download CA's white paper
Link IT services with business goals.
Download CA's white paper
Tumbleweed appoints O2 Networks to its Australian Channel Partner Program 2008-08-29 12:31:00+10
HP ProCurve Brings Big Business Gigabit Switching Features to Small Businesses 2008-08-29 12:00:00+10
Nortel and LG Electronics are First in World to Demonstrate Mobile LTE Handover 2008-08-29 11:30:00+10
GlobalConnect Provides Treatment for Healthcare Provider’s Contact Support Requirements 2008-08-29 09:59:00+10
Sybase and Logica Partner To Mobilise The Supply Chain 2008-08-29 09:47:00+10
Still Sneaking In: The Threats Your Security Tools Aren't Telling You About
Web 2.0 applications are all the rage, offering us tremendous value when it comes to collaboration and communication. They also open us up to new kinds of attacks however, and can cause problems in keeping systems and data secure. Read on to learn about the new attack methods and how you can defend yourself and your business.
