In Fight Against Botnets, Warning Victims Is Half The Battle - InformationWeek

03:50 PM

Combing through IP addresses is one of the biggest jobs ever for the FBI.

The feds have caught some of the alleged "bot herders" they say are spamming the world from botnets they've created. Now they'd like to warn more than 1 million computer owners whose machines have been infected, but doing so will be an inexact and tedious undertaking.

Investigators with the Federal Bureau of Investigation tracked down the million victims while working on five cybercrime cases, three of which have resulted in charges being filed. James Brewer of Arlington, Texas, last week was indicted on charges of operating a botnet that infected 10,000 computers, including those of Chicago-area hospitals. Jason Michael Downey of Covington, Ky., is accused of using botnets to launch denial-of-service attacks. Robert Alan Soloway of Seattle is charged with using a botnet network to send tens of millions of messages advertising his Web site.

The FBI initially reported that it was going to work with the U.S.-CERT Coordination Center at Carnegie Mellon University to notify the owners of the compromised computers. It turns out, however, that's easier said than done. "We would not be able to resolve all the IP addresses and contact all the individual victims," says Shawn Henry, deputy assistant director of the FBI's Cyber Division.

Instead, the agency has begun notifying ISPs from which the IP addresses of infected computers originated. "If they choose to, they can contact their customers," says Henry. If the FBI determines that a large company or organization is among the botnet victims, it will notify them directly, he adds.

Combing through the IP addresses of zombie computers and notifying ISPs will be one of the biggest jobs the FBI has ever undertaken, says special agent Richard Kolko.

Botnets are created by hackers and malware writers, who infect computers with viruses and Trojans that let them remotely control the machines. They amass thousands or hundreds of thousands of zombie computers, from which they launch massive waves of spam, malware, and denial-of-service attacks. In recent months, botnets have been increasing in number and size. Owners of zombie machines generally aren't aware that their computers are infected and controlled by someone else.

Because botnets are widely distributed, the FBI considers them a growing threat to national security, the national information infrastructure, and the economy, according to an agency advisory issued last week.

In the Brewer case, prosecutors charged that he used a 10,000-strong botnet to scan the Internet for unprotected computers that could be added to his zombie army. The botnet included computers in the Cook County Bureau of Health Services, which operates health care centers throughout the Chicago area. According to the indictment, some of the infected computers belonged to the nuclear medicine department and oncology-radiation therapy department at John H. Stroger Hospital and the pharmacy department at Oak Forest Hospital.

Because of the botnet infection, the hospitals' computers would repeatedly freeze or crash, causing "significant delays in the provision of medical services" and access to data needed by health care workers. The hospitals spent more than 1,000 hours trying to fix the systems.

In recent months, rival online gangs have even begun a virtual turf war for bragging rights to the largest botnets, sending out waves of malware aimed at stealing zombie computers from rival gangs to build up their own army.

The FBI wants to raise public awareness that people and companies need to secure their computers against botnets. Says Henry, "We have to maintain personal responsibility over our computers."
