Law enforcement battles with botnets

Increased attention is shutting down million-zombie botnets, but many criminals, including teens and retirees, are operating under the radar, government officials say.
Written by ZDNet UK, Contributor

Law enforcement is wise to phishing and botnets, but even with increased police attention the problem is getting worse, not better, reports News.com.

In presentations at the Computer Security Institute's NetSec this week, representatives of the Department of Justice and the Air Force's Office of Special Investigations said cybercrime is clearly ratcheting up.

"We're seeing increasingly sophisticated groups online that are more indicative of crime groups," said Jonathan Rusch, special counsel for fraud prevention at the Justice Department. The criminals who have been caught range from teenagers to retirees, he said.

Phishers are using Trojan horses that pack backdoors, screen grabbers or keystroke loggers to capture log-in names, passwords and other information, he said. Such software gives hackers access to user accounts by capturing logins and passwords and essentially lets them ring up online charges from someone else's machine.

Even scarier are botnets, in which malicious software infects a machine, turning it into a zombie. Herds of zombies are used to launch attacks on servers that don't fork over blackmail payments, or the machines can be used to store kiddie porn or purloined credit card numbers.

"Botnets are one of the greatest facilitators of cybercrime these days. Really the cybercrime arena is wrapped around botnets," Wendi Whitmore, a special agent with the Air Force Office of Special Investigations, said.

...Bot masters are getting smarter about hiding. Today, most botnets are controlled using Internet Relay Chat, or IRC, servers and channels. Soon that could become instant messaging, peer-to-peer technology or protocols used by Internet phone services such as Skype or Vonage, Whitmore said.

"That is something that we're worried about because those protocols are proprietary," she said. "They don't publish routing protocols; it would be very difficult to catch that kind of crime."
