Microsoft sees botnets as top '07 Net threat

Microsoft sees botnets as top '07 Net threat
Microsoft sees botnets as top '07 Net threat 

By Robert McMillan
December 27, 2006
IDG News Service

If there's one thing that Aaron Kornblum would like to quash, it's the 
botnet armies.

These are the remote-controlled PCs that have been taken over without 
their users' knowledge. Symantec Corp. counted more than 4.5 million of 
them during the first six months of the year, and according to Kornblum, 
they are the backbone of today's cybercrime.

"Botnets are really where it's at for serious cybercriminals, because of 
their concentrated power," said Kornblum, a senior attorney with 
Microsoft Corp.'s Internet Safety Enforcement team. "That power can be 
used for all sorts of malicious conduct on the Internet."

These armies of compromised computers are behind such scourges as spam, 
phishing and denial-of-service attacks. More recently, the bad guys have 
been using botnets to boost Web advertising billings by automatically 
clicking on Internet ads, a practice known as clickfraud.

Kornblum is on a team that was created in 2002 to help crack down on 
cybercrime. A splinter group of three Microsoft employees who had been 
working on software piracy and counterfeiting, the team initially 
focused on computer viruses and spam. But it has since grown into a 
65-person operation that has tackled child pornography, typo-squatting 
and, of course, the botnet threat.

Over the past year, Kornblum's group has helped law enforcement crack 
down on worldwide phishing scams, helping, for example, to take down a 
Bulgarian gang that had been spoofing Microsoft's own customer service 

"Unfortunately, we continue to see phishing as a serious threat," 
Kornblum said.

Phishers have been getting more sophisticated and better at reproducing 
trusted Web sites. And lately they've also been taking on new targets 
that may not have the resources of major e-commerce or financial 

"They're moving away from the top banking brands like Citibank ... and 
they're moving down to mid-level and smaller-market financial 
institutions like credit unions and community banks, which may not have 
done as much consumer education," Kornblum said.

Botnets are changing the economics of cybercrime, according to Daniel 
Druker, executive vice president of marketing with Postini Inc. "I call 
it grid computing gone bad," he said.

The botnet networks have emerged as the number one source of spam over 
the past year, giving spammers access to virtually unlimited bandwidth, 
he said.

Because spammers no longer have to pay for the messages they send, they 
can e-mail larger documents, such as image files, he said. And the bad 
guys have been able to use these distributed networks to make it harder 
for vendors such as Postini to identify and block spamming computers.

There typically are about 50,000 computers sending spam and malicious 
content at any given moment, Druker said. Usually, these computers will 
pop up and operate for about 45 minutes, and then go silent, making it 
hard for them to be identified.

A few years ago, Bill Gates predicted that the spam problem would be 
solved by the end of 2006, a prediction that proved to be seriously off 
the mark.

Kornblum, for his part, declined to guess when the botnet problem will 
be solved.

"The only certainty is that the problems and challenges will continue to 
evolve," he said. "They're all unique, though they're interrelated, 
certainly ... but botnets are the most dangerous at present, because of 
their power."

Subscribe to InfoSec News 

Site design & layout copyright © 1986-2015 CodeGods