Chapter 1
Botnets: A Call to Action
Solutions in this chapter:
■ The Killer Web App
■ How Big Is the Problem?
■ The Industry Responds
Summary
Solutions Fast Track
Frequently Asked Questions
Introduction
Throughout 2006, technical security conferences have been discussing the latest
“killer Web app.” Unfortunately, this Web technology works for the bad guys.
With funding from organized crime and spam lords, a generation of talented
hackers without morals has created a devastating arsenal of deadly toys, in the
form of botnets. Norman Elton and Matt Keel from the College of William &
Mary in the 2005 presentation “Who Owns Your Network?” called bot networks
“the single greatest threat facing humanity.” This may be an exaggeration,
but botnets are arguably the biggest threat that the Internet community has
faced. John Canavan, in a whitepaper titled “The Evolution of Malicious IRC
Bots,” says that botnets are “the most dangerous and widespread Win32 viral
threat.” According to the cover of eWEEK magazine for October 16, 2006, we
are “Losing the Botnet War.” The article by Ryan Naraine titled “Is the Botnet
Battle Already Lost?” describes the current state of the botnet environment:
Botnets are “the key hub for well-organized crime rings around the globe,
using stolen bandwidth from drone zombies to make money from nefarious
Internet activity.” (For more information, go to
www.eweek.com/article2/0,1895,2029720,00.asp.) By contrast, the security
response is in its infancy, with several vendors releasing version 1 of
botnet-related products. Badly needed intelligence information is locked away
with only the slightest means of communicating it to the security
professionals who need it. There isn’t any such thing as an information
security professional security clearance. One vendor told us that the quality
of their product depends on the quality of their intelligence sources and then
went on to say that they could give us no information that could vouch for the
quality of their intelligence sources.
Our early weapon against botnets involved removing the bot server, the
strategy of “removing the head of the serpent.” Recent articles about the state
of the security profession’s response to botnets have lamented the discovery
that we are not fighting a snake, but rather, a hydra. It has not one head but
many, and cutting off one spawns two to replace it. Much has been made of
the loss of this weapon by the press. In the article, several security
professionals admit that the battle is lost. In real warfare, generals must
battle the enemy, but just as important, they must battle against the loss of
morale. Many of the security professionals who pioneered the fight against
botnets are demoralized by the realization that taking out the Command and
Control