Information Warfare: Botnets Versus the Military

April 21, 2006: Military computer users were reminded earlier this year how vulnerable they were, when a California man, Jeanson James Ancheta, pled guilty to breaking into US Navy computers at China Lake. Ancheta wasn't after secrets; he was just turning PCs into zombies. Zombies are PCs that have been taken over, unbeknownst to their owners, by software secretly installed by hackers. Networks of zombie computers are the primary means of sending out spam and of breaking into additional weakly defended PCs. These botnets can also be used to launch DDoS (Distributed Denial of Service) attacks that can shut down a site with a flood of garbage messages, or to pretend to be a web surfer in order to generate advertising revenue illegally for clients. What was really scary about Ancheta was that he had over 40,000 zombie PCs under his control, and breaking into the navy PCs at China Lake was no big deal. The navy PCs were just another bunch of vulnerable computers available to any hacker who comes along. Another scary thing about Ancheta is that he's the first American to be prosecuted for running a fleet of zombie PCs. Ancheta, a 20-year-old employee of an Internet café, was pulling down over $2,000 a week from his botnet.

The military nailed him because, while there are always some vulnerable PCs among the million-plus machines the Department of Defense uses, the Pentagon also has a lot of troops running around trying to fix security on unprotected machines. While your average home PC turned into a zombie might never be found out, military PCs eventually come under a lot more scrutiny.

Internet crooks like Ancheta usually don't take the time to find out who their zombies belong to; they just want to harness more machines for their criminal activities. Over 100,000 PCs a day are turned into zombies, and forming these botnets has become a very competitive business. Only the best-led and best-organized botnet gangs are going to check the ownership of every PC they compromise. Most of the gangs will continue to give military PC security plenty of work. But the botnet gangs also continue, unwittingly, to keep the troops informed about the latest techniques of botnet management. In time of war, a botnet can be more useful than a squadron of F-22s.