Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Thursday, September 30, 2004

Botnet-related crime is beginning to indicate to the experts what they might expect next

Security experts are beginning to see a pattern in cybercrimes.  According to communications firm Energis, online crime appears to be occurring in cyclical patterns related to the creation of botnets—zombie armies of PCs that have been taken control of without the owners’ knowledge.

“When you see the creation of zombie networks, you can almost see the life cycle of a spam and virus attack,” said Malcom Seagrave, head of security strategy for Energis.  “It’s the same with DDoS [denial-of-service] attacks and those who steal data.  We can’t prove it, but we think they are related.  The attacks are well-organised and they are beating the security industry.”

Seagrave said combined threats, such as keystroke-logging Trojans embedded in spam, were causing serious damage to company networks.  “Some of their methods, we just can’t work out,” he said.  “But the most important way to stop this is user education.”

Botnets are readily available for hire on the Internet.  According to anti-spam campaigner Steve Linford of Spamhaus, botnets are first set up for spammers to hire and then sold on—often for DDoS attacks - when they have been blocked by anti-spam firms.

Seagrave said he thought that online retailers needed to beef up their security in time for Christmas: “You’ll almost certainly see a DDoS attack coming before Christmas.  Retailers will have to be wary as you can expect a growth in attacks this year”.  The National Hi-Tech Crime Unit agreed that retailers face a security challenge this winter.,39020345,39168639,00.htm

Posted on 09/30