CHAPTER 16
The rise of cyber liability insurance
a variety of approaches to this which should be carefully assessed and understood,
the benefits of a comprehensive and effective Cyber Liability policy will not be fully
understood until they are needed.
The insurance market is historically slow to develop products for which little or
no statistical information is available, but as the details surrounding breaches become
more readily available, the provision of CL Insurance will increase along with the
demand in the marketplace. The future of CL Insurance is secured and will undoubtedly
evolve over the coming years. The only question is how quickly CL Insurance
will evolve into full Data Protection Insurance. This is a step which has yet to be
taken but undoubtedly needs to happen.
CHAPTER 17
Responding to cyber crime and cyber terrorism—botnets an insidious threat
Giovanni Bottazzi, Gianluigi Me
INTRODUCTION
One of the most insidious cyber threats for the IT community is currently represented
by a diffusion of networks containing infected computers (called bots or zombies),
which are managed by attackers and are called botnets.
The use of botnets is very common in various IT contexts, from cybercrime to
cyber warfare. They are able to provide a very efficient distributed IT platform that
could be used for several illegal activities, such as launching Distributed Denial of
Service (DDoS) attacks against critical targets, or starting with a “sample” attack
followed up with an email or other communication threatening a larger DDoS attack
if a certain amount of money is not paid (cyber extortion), malware dissemination,
phishing and frauds (e.g., banking information gathering), or conducting
cyber-espionage campaigns to steal sensitive information.
In these scenarios, the controller of a botnet, also known as the botmaster, controls
the activities of the entire structure, giving orders to every single zombie through
various communication channels.
The diffusion of a botnet is a measure of how dangerous it is, and depends
on the ability of its managers to involve the largest number of machines while also
trying to hide the activities of the malicious architecture: a particular kind of “hide and
seek” game.
A critical phase in setting up a botnet is its constitution.
Attackers can recruit bots by spreading malware, typically via phishing or by sending the
malicious agent via email.
Infected machines receive commands from Command & Control (C&C) servers
that instruct the overall architecture how to operate to achieve the purpose for which
it has been composed.
The diffusion of botnets has recently increased due to various factors such as:
• increased availability of powerful internet connectivity and hosts (to be
understood not only as personal computers, but as objects of everyday life
more and more interconnected and smart). Fifty to one hundred billion things