Botnets 3.0: Global malware

Thanks to willing accomplices and easy-to-use technology, the threat from linked computers is expanding, reports Karen Epper Hoffman.

Botnets aren't that big a deal any more, right? 

That's what people often say to Richard Henderson, security strategist for Fortinet's FortiGuard Labs. Despite the continued rise of these networks of compromised computers, he says, the average person is typically unaware of how pervasive and pernicious these threats have become. “Botnets are a pretty big deal, and the impact of botnets is woefully understated,” he says. “The owners of botnets have been really good at staying under the radar.”

While these purveyors of nefarious malware may be good at staying out of the spotlight, it's clear that their creations are a front-and-center problem for corporate security pros, as well as consumers. Last year, four of the top five biggest threats to home-based networks were botnets, according to Kindsight Security Labs, which also reported that nearly 50 percent of home network infections in 2012 were the result of botnet-related malware.

And, according to Roger Thompson, chief emerging threats researcher for ICSA Labs, a Mechanicsburg, Pa.-based independent division of Verizon, new botnets are being created all the time. “It's difficult to eradicate them because there's just so many of them,” he says. Thompson, who wrote one of the first anti-virus programs in 1987, says threats have changed over the years, as criminals have improved their techniques – often incorporating the ability to disable anti-virus products into their botnet downloader.

For financial institutions and other high-profile corporate targets of botnets, the related fallout from an attack – whether aimed at financial gain or just to cause instability and mayhem – can affect services and internal business, and cost millions of dollars. Banks and their customers are often inconvenienced for days at a time, especially since more and more customers are depending on online transactions for their day-to-day tasks, says Kurt Baumgartner, senior security researcher for Moscow-based Kaspersky Lab, referencing recent attacks on financial institutions such as American Express. “Organized crime continues to have a pretty sophisticated business model here with larger and more sustained attacks,” he says.

Indeed, botnet attacks have been the purview of crime rings inside and outside of the United States for years. One of the key issues with stamping out botnets is their seeming longevity: They morph and evolve and, simply put, many of them never go away. Indeed, one-third of the top 10 botnets identified by Fortinet are nearly a decade old. While efforts from the anti-malware and law-enforcement communities have temporarily taken down or crippled botnets such as Mariposa – which consisted of eight to 12 million individual zombie computers – parts of these powerful botnets live on to cause more damage.