Tuesday | 2 December, 2008
Microsoft sees botnets as top cyber-threat
Botnets the backbone of today's cybercrime, says Microsoft's Internet Safety Enforcement attorney
Robert McMillan (IDG News Service) 27/12/2006 08:59:37

If there's one thing that Aaron Kornblum would like to quash, it's the botnet armies.

These are the remote-controlled PCs that have been taken over without their user's knowledge. Symantec counted more than 4.5 million [m] of them during the first six months of the year, and according to Kornblum, they are the backbone of today's cybercrime.

"Botnets are really where it's at for serious cyber criminals, because of their concentrated power," said Kornblum, a senior attorney with Microsoft's Internet Safety Enforcement team. "That power can be used for all sorts of malicious conduct on the Internet."

These armies of compromised computers are behind such scourges as spam, phishing and denial of service attacks. More recently, the bad guys have been using botnets to boost Web advertising billings by automatically clicking on Internet ads, a practice known as clickfraud.

Kornblum is on a team that was created in 2002 to help crack down on cybercrime. A splinter group of three Microsoft employees who had been working on software piracy and counterfeiting, the team initially focused on computer viruses and spam. But it has since grown into a 65-person operation that has tackled child pornography, typo-squatting and, of course, the botnet threat.

Over the past year, Kornblum's group has helped law enforcement crack down on worldwide phishing scams, helping, for example, to take down a Bulgarian gang that had been spoofing Microsoft's own customer service team.

"Unfortunately, we continue to see phishing as a serious threat," Kornblum said.

Phishers have been getting more sophisticated and better at reproducing trusted Web sites. And lately they've also been taking on new targets that may not have the resources of major e-commerce or financial players.

"They're moving away from the top banking brands like Citibank ... and they're moving down to mid-level and smaller-market financial institutions like credit unions and community banks, which may not have done as much consumer education," Kornblum said.

Botnets are changing the economics of cyber crime, according to Daniel Druker, executive vice president of marketing with Postini. "I call it grid computing gone bad," he said.

The botnet networks have emerged as the number one source of spam over the past year, giving spammers access to virtually unlimited bandwidth, he said.

Because spammers no longer have to pay for the messages they send, they can e-mail larger documents, such as image files, he said. And the bad guys have been able to use these distributed networks to make it harder for vendors such as Postini to identify and block spamming computers.

There typically are about 50,000 computers sending spam and malicious content at any given moment, Druker said. Usually, these computers will pop up and operate for about 45 minutes, and then go silent, making it hard for them to be identified.

A few years ago, Bill Gates predicted that the spam problem would be solved by the end of 2006, a prediction that proved to be seriously off the mark.

Kornblum, for his part, declined to guess when the botnet problem will be solved.

"The only certainty is that the problems and challenges will continue to evolve," he said. "They're all unique, though they're interrelated, certainly ... but botnets are the most dangerous at present, because of their power."

Computerworld Buyer's Guide - Vendors Matched to this Article
Dimension Data , Trend Micro , GFI , SonicWALL , Secure Computing , MessageLabs , CA
More about HIS Limited, Symantec, Microsoft, Postini, Community Banks, Financial Institutions, Evolve, Bill, Citibank
Computerworld Buyer's Guide - Vendors Matched to this Article
Dimension Data , Trend Micro , GFI , SonicWALL , Secure Computing , MessageLabs , CA
Additional Resources
Executive Guides
Whitepapers
white paper Read up on the latest ideas and technologies from companies that sell hardware, software and services.
Zones
Zone logoZones provide focussed content from Computerworld and leading technology partners.
Newsletter Subscription
Sign up for our Computerworld newsletters!
RSS Feeds
Market Place
IDC Report | IT Service Management Needs and Adoption Trends | Download now
Learn to use EMC Celerra IP Storage with Vmware Infrastructure 3 over iSCSI and NFS | Download white paper now
IDC Report | Making the Business Case for IT Consolidation | Download now
CRM Webcast: Learn how to find a CRM solution that fits into your existing business environment. View now.
New webcast | Discover the advantages of an open architecture multi-vendor network solution | View now
Learn how to prioritize services with IT Service Management (ITSM). Watch the Computerworld webinar now!
Beat the credit crunch. 0% for 24 months. Just for small business. Offer ends 24th Dec!
Understand the Value of Unified Communications | Download white paper now
Discover why Ubiquitous Mobility is a key future component of Network Architecture | Download Forrester report now
Discover best practice strategies for the archival and removal of .PST files using email archiving

 
CA Knowledge Centre

Security Management

Protect your critical IT assets, achieve sustainable regulatory compliance, reduce IT administration costs and enable new business opportunities with our IT security solutions.

IT Security as a business enabler?
Download Whitepaper

CA Knowledge Centre

Success Stories


Australian Unity minimises costs and maximises productivity with single sign-on for 1,400 users
Australian Unity needed to address its business and security risks including user management and application security management. The company chose an enterprise single sign-on (ESSO) solution and discovered increased employee productivity, reduced help desk costs and elevated data protection.
Download the full Success Story


BT saves more than £15 million and improves customer services with comprehensive Identity & Access Management
To enable future growth and ensure its services remain competitive, BT needed to build closer relationships with its customers and suppliers. Discover how the company is now performing over 36 million transactions a day with their improved Identity & Access Management Solution.
Download the full Success Story


Identity & Access Management


Simplify and Secure: Managing User Identities Throughout their Lifecycles
Organisations are constantly challenged to keep pace with ongoing changes to users and their roles, responsibilities and requirements. Discover how CA can help you create a unified approach for managing users identities, providing them with timely and appropriate access to applications and information.
Download Whitepaper


Simplify, Integrate and Safeguard Your Business with Secure Web Business Enablement
Modern organisations are required to aggressively expand the number and type of Web applications and services provided to customers, partners and employees. Discover how to automate, delegate and centralise your key processes and services including user administration, access policies, auditing and compliance by reading on.
Download Whitepaper


Simplify, Integrate and Secure: Providing Secure Access to Server-based Information and Resources Across Platforms
Distributed servers are a powerful asset in any company’s infrastructure. Over time, most organisations have acquired a variety of different platforms and are relying on them to house an increased amount of critical applications, processes and data. Read on to discover how you can achieve a consistently higher level of server access security across multiple platforms including virtual hosts and guest operating systems.
Download Whitepaper

Get a job Careerone
Enterprise IT Buyer's Guide
Find Technology Vendors Fast
 
Find vendors by name | Find by category
Sponsored Links