misuse. We can’t be sure we actually cut off enough of the head, either.
Alternate head #2 may be primed and ready to take over.The host and all its
data are still in peril. Ultimately, we still have to address host security and do a
better job of it.
Botnets
certainly represent a new, more evolved form of malware.
Malware used to be one virus and maybe one remote controlled host, not an
entire assemblage of exploited hosts remotely controlled.The big differences
now are in the numbers of controlled hosts and the use of exploited hosts for
money, possibly with organized crime behind it all. Systems are used for var-
ious forms of identity theft (phishing, more later)
and other forms of fraud,
including bogus mouse clicks on Web pages, spam generation, and the use of
denial of service as a form of extortion.
Computers are hacked in different ways—some traditional, some new, and
as of yet possibly unknown. Botnets represent a
rapid sphere of evolution in
some sense in attacks, but most of the attacks are old and represent nothing
new. These attacks include traditional password guessing and Microsoft file
share attacks. Password-guessing attacks could be dealt with by known strong
authentication techniques or even such simple
techniques as making sure
accounts have passwords. Microsoft file share attacks often succeed simply
because people for whatever reason (bad reasons, typically like “it is not con-
venient”) don’t update their computers.
So, possibly to misquote John Paul Jones: “we have not yet begun to
fight.” We do not know if the situation is worse than it was a few years ago
(attacks often go unreported). We might simply
be more aware of what is
happening in the black-hat world. Even if botnet technology changes, though,
the arms race between white-hats trying to protect computers and black-hats
trying to exploit computers has been going on for awhile.That particular
arms race is not new, either.There will be new
advances in both white-hat
and black-hat technologies. At times, white-hat technologies may discover a
way to more easily discern botnet traffic or practices. At times, the black-hat
hackers may create a new technology and deploy it in their botnet malware.
This doesn’t mean the white-hats should give up and call it a day.
In the meantime, we would do well to pay attention to the usual suspects:
1. We need more education about security in general and botnets in
Do'stlaringiz bilan baham: