Feb 10, 2010 | 04:51 PM
Latest Botnet Weather Report from Prolexic details how:
* Criminals and political states alike sponsor the development of cyber warfare capabilities
* Botnets are deployed in increasingly varied activities
* Sponsors of online crime remain elusive
The global leader in Distributed Denial of Service (DDoS) mitigation services, Prolexic Technologies, today announces its latest study of the evolution of botnets. The Weather Report 2009 - incorporating a Botnet Activity Update and White Paper - explains how botnets are identified and tracked and examines their technical architecture, multiple deployments and the hierarchy of an attack.
Compromised PCs, or bots, are the weapons used to launch wide-ranging attacks, from DDoS to clandestine intelligence gathering operations. Prolexic is currently tracking about 4300 command and control servers (C&Cs) which manipulate millions of bots. Bot-herders often have multiple C&Cs as well as knowledge of the IP addresses of the captured zombie hosts. Hence the bot-herders are able to reach out to previously infected bots, sometimes sparking botnet takeover battles with other bot-herders.
The Weather Report reveals how cyber criminals have created new capabilities to support increasingly sophisticated, organized attacks such as Data and Identity Theft (torpig), Government Cyber Espionage (Ghostnet), and even RansomWare (Hexzone). Still, the largest and most damaging botnets continue to be dedicated to DDoS attacks. Prolexic's report notes that state-sponsored, advanced offensive cyber warfare capabilities are led by the USA, Israel and China, with the UK unofficially admitting to having an offensive capability.
Paul Sop, CTO at Prolexic, says: "Discovering the motive behind an attack is important in tracking down the perpetrators. At present attacks are relatively untraceable - they can be launched from any location and the bot-herders work as anonymous mercenaries. The sponsors feel they have much to gain and little to risk, and from this tower of immunity they will continue to sponsor increasingly sophisticated ways to herd and deploy botnets."
About Prolexic Technologies
Founded in 2003 and based in Hollywood, FL, USA, Prolexic Technologies provides global, leading-edge services that protect Internet businesses from the debilitating service disruptions that can be caused by DDoS attacks. Prolexic's customers can rest assured that their network borders are secure, allowing them to focus on their businesses.