FBI: Operation Bot Roast finds 1 million botnet victims
Network World -
The FBI is working with industry partners, including the Computer Emergency Response Team Coordination Center at Carnegie Mellon University, to notify the owners of the victim computers. Microsoft Corp. and the Botnet Task Force have also helped the FBI. Through this process, the FBI may uncover additional incidents in which botnets have been used to facilitate other criminal activity, the FBI said in a statement.
The FBI and the Justice Department have a continuing cybercrime initiative to disrupt and dismantle botnets known as Operation Bot Roast. The results include the following:
- James C. Brewer of Arlington, Texas, is alleged to have operated a botnet that infected Chicago-area hospitals. This botnet infected tens of thousands of computers worldwide.
- Jason Michael Downey of Covington, Ken., is charged with using botnets to send a high volume of traffic to intended recipients to cause damage by impairing the availability of such systems.
- Robert Alan Soloway of Seattle, known as the "Spam King," is alleged to have used a large botnet network and sent tens of millions of unsolicited e-mail messages to advertise his Web site, from which he offered services and products.
Bots are widely recognized as one of the top scourges of the industry. Research firm Gartner Inc. predicts that by the end of the year, 75% of enterprises "will be infected with undetected, financially motivated, targeted malware that evaded traditional perimeter and host defenses."
Early reports from beta customers of a yet-to-be-released product from security vendor Mi5 Inc. show how nefarious these infections can be. Mi5 says it installed a Web security beta product at an organization with 12,000 nodes and in one month detected 22 active bots and 123 inactive bots and was watching another 313 suspected bots. Those bots were responsible for 136 million incidents, such as scanning for other hosts inside the firewall.
Google Inc. researchers recently said at least one in 10 Web pages is booby-trapped with malware. Google's Ghost in the Browser study looked at more than 4.5 million Web pages and found that 10% of them were capable of activating malicious codes and that 16% were suspected to contain codes that might be a threat to computers.
Most owners of the compromised computers are unknowing and unwitting victims. They have unintentionally allowed unauthorized access and use of their computers as a vehicle to facilitate other crimes, such as identity theft, denial-of-service attacks, phishing, click fraud, and the mass distribution of spam and spyware. Because of their widely distributed capabilities, botnets are a growing threat to national security, the national information infrastructure and the economy, the FBI said.
"The majority of victims are not even aware that their computer has been compromised or their personal information exploited," said James Finch, FBI assistant director for the Cyber Division. "An attacker gains control by infecting the computer with a virus or other malicious code, and the computer continues to operate normally. Citizens can protect themselves from botnets and the associated schemes by practicing strong computer security habits to reduce the risk that your computer will be compromised."
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts