Feds' 'Operation Bot Roast' Reveals 1 Million Victims - InformationWeek

As the FBI and the Justice Department investigated botnet operators, they began amassing a list of the alleged botnet victims -- with most of them here in the United States.

In the Department of Justice and the FBI's attack on "botherders," the government has identified more than 1 million botnet victims.

The agencies announced Wednesday the results of an ongoing cybercrime initiative to disrupt and dismantle botherders, a term used for the people creating and operating an increasing number of botnets around the world. The FBI reported in an online advisory that its agents are working with the U.S.-CERT Coordination Center at Carnegie Mellon University to notify the owners of the compromised computers.

Government investigators tracked down the million victims while working on five different cybercrime cases, according to Richard Kolko, a special agent with the FBI.

Charges already have been handed down in three of those cases. James C. Brewer of Arlington, Texas, is charged with operating a botnet that infected Chicago-area hospitals. His botnet allegedly infected tens of thousands of computers worldwide. The government charged Jason Michael Downey of Covington, Ky., with using botnets to launch denial-of-service attacks. Robert Alan Soloway of Seattle was also charged this month with using a large botnet to send tens of millions of spam messages advertising his Web site.

Kolko told InformationWeek that as agents delved into these three cases, along with two others that are under investigation, they uncovered the botnet victims.

"There are hundreds of cybercrime cases at any given time, but we put the botnet cases together for this initiative," he said. "We're trying to get people to take care of their computers. They're unaware participants in this criminal activity. We need them to take the proper precautions so we can put a dent in this crime."

He also said most of the 1 million victims they found are in the United States. The government, he added, will continue to try to find more victims so they can notify them and get the compromised machines cleaned up.

Hackers and malware writers conspire to infect computers around the world with viruses and Trojans that allow them to remotely control the victim machines. Then they amass thousands or hundreds of thousands of these zombie computers, creating great armies -- or botnets -- of them. In recent months, botnets have been increasing in number and in size, as they launch massive waves of spam, malware, and even denial-of-service attacks.

Most of the owners of the zombie machines don't even know they have been infected or that their machines are being controlled by someone else.

According to the FBI's advisory, because of their widely distributed capabilities, the government considers botnets a growing threat to national security, the national information infrastructure, and the economy.

"They were a problem and they're emerging as a greater problem as people use them to get around security measures and cause greater damages," said Assistant U.S. Attorney Erez Liebermann, chief of the computer hacking and intellectual property unit in New Jersey. "The fact that they can do so much damage with the press of a button is a huge problem."

A large number of the botnets are controlled by hackers and botherders outside of the United States, with a growing number being set up in China. Dealing with cybercriminals outside the country's borders has been an issue -- but it's one the U.S. government is working on.

"Generally speaking, international aspects of these cases do have extra hurdles, but more and more countries are cooperating," said Liebermann. "There are efforts to get [cooperation] from China, and they're paying off."

In recent months, rival online gangs have even begun a virtual turf war for bragging rights to the largest botnets. Two or three online criminal gangs have been waging an all-out battle for control of the largest botnets, sending out waves of malware aimed at stealing zombie computers from rival gangs to build up their own army. Each online gang is trying to build up the biggest botnet because the bigger the army of infected computers they control, the more money spammers and hackers will pay to use them, said Shane Coursen, a senior technical consultant for Kaspersky Lab, in a previous interview.
