“When you see the creation of zombie networks, you can almost see the life cycle of a spam and virus attack,” said Malcom Seagrave, head of security strategy for Energis. “It’s the same with DDoS [denial-of-service] attacks and those who steal data. We can’t prove it, but we think they are related. The attacks are well-organised and they are beating the security industry.”
Seagrave said combined threats, such as keystroke-logging Trojans embedded in spam, were causing serious damage to company networks. “Some of their methods, we just can’t work out,” he said. “But the most important way to stop this is user education.”
Botnets are readily available for hire on the Internet. According to anti-spam campaigner Steve Linford of Spamhaus, botnets are first set up for spammers to hire and then sold on — often for DDoS attacks – when they have been blocked by anti-spam firms.
Seagrave said he thought that online retailers needed to beef up their security in time for Christmas: “You’ll almost certainly see a DDoS attack coming before Christmas. Retailers will have to be wary as you can expect a growth in attacks this year”. The National Hi-Tech Crime Unit agreed that retailers face a security challenge this winter.
http://news.zdnet.co.uk/communications/networks/0,39020345,39168639,00.htm