Declaring war on botnets

Internet security has never been worse. Is this a war we can win, or are Internet crimes destined to be a bigger and bigger part of all our futures?
Written by Phil Windley, Contributor

This morning's New York Times carried a John Markoff article on the growing threat of zombie networks. Internet crimes are on the increase, and botnets, large networks of computers that have been compromised by hackers and turned to the hackers' purposes, are increasingly the tool of choice. The article quotes Gadi Evron:

"It's the perfect crime, both low-risk and high-profit. The war to make the Internet safe was lost long ago, and we need to figure out what to do now."

The article also quotes David Dagon, a researcher at the Georgia Institute of Technology, saying "that botnet programs are present on about 11 percent of the more than 650 million computers attached to the Internet." ShadowServer estimates that over 400,000 machines on the Internet are infected.

Botnet programs are used for spam--all those graphic images touting the next big thing in penny stocks are the result of botnets--as well as other illegal activities. What's more, the architecture of the software running on many of the botnets is such that they can be repurposed like any general-purpose computer. At least one designer of these systems is brazen, actively participating in technical discussion groups:

The extent of the botnet threat was underscored in recent months by the emergence of a version of the stealthy program that adds computers to the botnet. The recent version of the program, which security researchers are calling "rustock," infected several hundred thousand Internet-connected computers and then began generating vast quantities of spam e-mail messages as part of a "pump and dump" stock scheme.
The author of the program, who is active on Internet technical discussion groups and claims to live in Zimbabwe, has found a way to hide the infecting agent in such a way that it leaves none of the traditional digital fingerprints that have been used to detect such programs.

The article gives little hope that the problem will be solved any time soon and few clues about what can be done to combat it. All kinds of experts were quoted, but no one offers any advice. In fact, the consensus of the people quoted seems to be one of hopelessness.

Is it hopeless? What do you think can be done to solve the problem? Cast your vote below or leave a comment.
