Home & Office

Internet guru warns of botnet pandemic

Vint Cerf has painted a bleak picture of the internet's future if the spread of botnets continues at its current pace
Written by Will Sturgeon, Contributor

Father of the internet Vint Cerf has warned high-powered attendees at the World Economic Forum in Davos that the internet is at serious risk from botnets.

Vast networks of compromised PCs, used by criminals for sending spam and spyware and for launching denial of service attacks are reported to be growing at an alarming rate in terms of their potential and Cerf, now an employee of Google, warned they could undermine the future of the internet — likening their spread to a pandemic.

Botnets are getting smaller, more stealthy and more discreet and yet the volumes of spam are going up.

Cerf predicted that a quarter of all PCs currently connected to the internet — around 150 million — could be infected by Trojans which covertly seize control of a computer and its broadband connection, handing control of both to remote criminals.

According to Mark Sunner, chief security analyst at MessageLabs, Cerf's words of warning are far from scaremongering and the picture is at least as serious as Cerf paints it.

Sunner said around the turn of the year security experts were watching one botnet, called Spam Thru, which not only had its own antivirus protection to clear other botnets off 'its patch' but had the potential to be 10 times more productive than most other botnets while evading detection because of in-built defences.

He said the most worrying thing about Spam Thru is that he suspects a major spike in traffic towards the end of 2006 was merely a testing of the waters and much worse could be to come — not least when other similarly sophisticated botnets appear online.

Sunner added: "With new levels of sophistication this has reached a real milestone. Botnets are getting smaller, more stealthy and more discreet and yet the volumes of spam are going up.

"Without a hint of scaremongering, will this get a lot worse throughout 2007 in terms of botnet sending? Absolutely, yes."

Editorial standards