By Will Sturgeon, 26 January 2007 17:10
NEWS
Father of the internet Vint Cerf has warned high-powered attendees at the World Economic Forum in Davos that the internet is at serious risk from botnets.
Vast networks of compromised PCs, used by criminals for sending spam and spyware and for launching denial of service attacks are reported to be growing at an alarming rate in terms of their potential and Cerf, now an employee of Google, warned they could undermine the future of the internet - likening their spread to a pandemic.
Cerf predicted that a quarter of all PCs currently connected to the internet - around 150 million - could be infected by Trojans which covertly seize control of a computer and its broadband connection, handing control of both to remote criminals.
According to Mark Sunner, chief security analyst at MessageLabs, Cerf's words of warning are far from scaremongering and the picture is at least as serious as Cerf paints it.
Sunner said around the turn of the year security experts were watching one botnet, called Spam Thru, which not only had its own antivirus protection to clear other botnets off 'its patch' but had the potential to be 10 times more productive than most other botnets while evading detection because of in-built defences.
He said the most worrying thing about Spam Thru is he suspects a major spike in traffic towards the end of 2006 was merely a testing of the waters and much worse could be to come - not least when other similarly sophisticated botnets appear online.
Sunner added: "With new levels of sophistication this has reached a real milestone. Botnets are getting smaller, more stealthy and more discreet and yet the volumes of spam are going up.
"Without a hint of scaremongering, will this get a lot worse throughout 2007 in terms of botnet sending? Absolutely, yes."
Comments
There are 9 comments. Join the discussion
1. Richard Davies
So why are people just watching these botnets instead of taking action.
Its past letting people off the hook because they are nieve or plain stupid.
People who are infected with these trojans should be shutdown some how...perhaps by a 'good' botnet created by security companies (in conjunction with other measures).
If someone sent me post containing some of the stuff I get in spam e-mail...the police etc. would take it very seriously and probably cart someone off to jail...what is different with regards the internet?
People are scared of taking responsibility for this, but I think if someone stepped forward...others would soon follow as this is now a big problem especially with reports the other week about the internet reaching capacity!
2. anonymous
My email inbox is being bombarded by messages offering stock market tips. There are no attachments to open to allow a virus in; there are no requests to answer and as far as I can see they have no potential value to anyone, so why am I getting them? (I simply delete them, but when they come in batches of 10 or 12, it's a pain).
Fellow readers will have guessed that I am not a technical type, so my apologies to those of you who are. I would simply like to know if there is any danger and if there is a way of stopping these messages. Spam filters don't seem to work as the headers and messages constantly change.
Colin.
3. anonymous
You have to ask youself one question...
... who actually *benefits* from Spam and Virus-like activity?
Ultimately, it is the AV companies, selling endless updates to counter the invasion, that's who....
And if botnets et al can't be detected by these products, why aren't the OFT investigating the sale of such products?
4. Simon
To Anonymous from Scotland, what you are getting is "pump and dump" spam (see http://en.wikipedia.org/wiki/Pump_and_dump). It's harmless to you as it contains no malicious code - but it is trying to persuade you to buy shares and inflate the price so that the perpetrator can sell their holdings (bought cheap) at a profit.
The things is that if ISPs actually got their act together they could slash spam overnight. Sure it'll cost them a bit in engineering, but I recon it would cost them less than they are paying now to try and deal with the results of doing nothing.
The first thing they need to do is filter all outgoing smtp traffic from their customers (and provide an opt-in facility for legitimate senders). This would simply block the spam at the ISPs network. This would not affect the 90+% of users who send their mail via their ISPs servers. The only way left for the spammers would be to route the outbound traffic via the ISPs servers where it will be a lot easier to detect and kill.
Like I say, not a lot of work, and some ISPs do it already. It will only stop when all ISPs do it.
5. BillK
So, an estimated 25% of computers are infected with viruses or Trojans?
I would link this with the recent news item from Microsoft that 22% of Windows computers have failed their Validation check and are pirated copies.
Microsoft, of course, refuses to patch these 'illegal' copies of Windows, thus ensuring a ready supply of computers open to Trojan attacks.
Thanks a lot, Microsoft!
P.S. I run PCLinuxOS.
6. BillK
Get a gmail account.
Google's spam filters work very well.
Or get the free version of MailWasher.
It also works very well.
7. anonymous
Why not nail the companies that are using botnets to spread their wares? that way it would make it unprofitable for them to use the nets for SPAM
8. Lionel A Smith
Anonymouse of Stoke:
I note that you call yourself a techie, nothing wrong with that however your attitude about other users displays a poor grasp of the realities of most people’s lives.
How much do you know about modern medicine and surgery, history, earth sciences or astronomy? You see most people lead very busy lives juggling work and family commitments. Because the have not grasped the finer elements of computer protection does not necessarily mean that they are thick.
I myself have been involved with computers since the early 1980’s (indeed I still have issues of BYTE going back that far), have programmed for them and taught classes on them and on their applications, but still struggle to keep up with all the current security issues. In fact my biggest struggle is to simply stay alive at the moment but I still manage to help others, as far as able, to improve their awareness of security issues and computer management.
I have found by bitter experience that installing AV and Firewall as well as MS security updates can be prone to causing software, firmware and hardware issues, issues that take time to investigate.
I have lost myself for days on the MS site without reaching any definitive solution. Even calls to MS support have finished with suggestions to roll back all updates to SP2 and turn off AutoUpdate because the simple, non techie’ way of doing things was prone to bringing down and installing updates which were not required and which could cause conflict issues. What a joke!
9. anonymous
<Yawn> The monthly scaremonger by the security company/analysts to keep sales up.
Almost everbody has antivirus these days. If you don't then you take the risk. When was the last time you had any problems with viruses/trojans/bots?
Years ago. I can't even remember it.
Its people with open web servers that should clean up their act, as many are used for phishing.