News Categories

Next:CONGO: Rebel Killers Demand Amnesty

Information Warfare: Ominous Botnets

Archives

March 6, 2007: We're seeing history repeat itself in the way some Cyber War weapons, like botnets (PCs that are secretly controlled by the criminals) are primarily owned by civilian organizations. Same thing happened when artillery showed up centuries ago. Most kings and magnates could not afford to build and maintain a useful number of these large guns. But some sharp entrepreneurs saw an opportunity, and set themselves up as mercenaries.

We're seeing the same thing with botnets, which can be used to spew spam, launch a widespread attack on secret files, or shut down websites (with a DOS, or Denial of Service) attack.

There are currently 4-5 million PCs that have been infiltrated by hackers, turned into "zombies" and used by crooks for sending out spam, or performing other illegal acts. This has become a big business, with each PC in a botnet producing $300-$500 a year, or more, for those who control them. Botnets of 100,000 or more PCs are not unusual, and many of them are for rent.

Government agencies are believed to track the major botnets (some control 100,000 or more PCs), but they often keep their findings to themselves. Commercial and academic researchers are more open, which why we know what we do about botnets, and where they are going. Currently, there are several dozen major (over 10,000 zombies) botnets out there, and hundreds more smaller ones. A 10,000 PC botnet can earn millions of dollars a year, although there are also expenses. You need to constantly replace zombies that get cleaned up and removed from your control. A zombie PC usually hides its status from its legal user. All you might notice, if your PC had been infected by zombie software, and turned into part of a botnet, is spurts of intense hard drive activity from time to time, as well as occasional sluggish Internet access. Since both of these conditions are typical of most current PCs, you don't know you are infected unless your security software is capable of detecting and removing the zombie software. The way computer security software works these days (unobtrusively, in the background), you might get infected, and cleansed, several times in a month, without even knowing it. But the owner of a botnet knows when he losses one of his zombies, and must constantly search the Internet for new victims.

Botnet owners often hire specialized programmers to help with running the botnet, as well as buying new zombies, and custom software needed to keep up with security software, and the attempts of police and security researchers from tracking them down. You also need to put some money aside for possible legal expenses (if you get busted), although its more common to pay protection money to local gangsters or cops to keep other criminals, legal or otherwise, off your back.

It takes a lot of special skills to build and maintain a botnet. Moreover, the larger botnets (100,000 or more zombies) can be used as military weapons. A botnet that size can shut down military websites, or be used to worm its way into classified sites. Do any governments maintain their own botnets? No one is admitting to it. But in preparing for a future Cyber War, whoever has the biggest botnets, will likely prevail. Currently, there is one huge botnet, with up to 100,000 zombies, that seems to be doing nothing. Rather ominous.

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close