Since the year 2000, I've preached the message of cyber attacks as a matter of national security. I've preached it loud and long to anyone who would listen. I've had congressmen and attorneys general say they "understand" or they will "address the issue" but never do. The 2002 director of the FTC seemed to get it, but few others did. At least, so far, no one has really gotten serious enough to do anything about it.
Well, reports have been pouring in for the past month about massive strikes against Georgia by Russian botnets. It's a very scary scenario -- one that should be understood -- and its warning heeded:
The Georgians also experienced cyber-attacks even before the invasion began, just as the Estonians did last year after defying Moscow and uprooting a Russian statue. These 'spam-on-steroids' attacks conducted by legions of 'botnets' can jam or degrade critical government websites, Internet-based phone services, even public utilities. Those techniques began with what the Soviets called 'radio-electronic combat' - the jamming, interception or physical destruction of battlefield enemies. But in both Estonia and Georgia, the Western world learned that cyberwar has now become a weapon of mass disruption to intimidate defenseless civilian populations - routinely and without any apparent moral reservations.
The Botnet Threat
Windows and Unix users who don't watch the gates can easily fall prey to botnets. There are millions of these PCs around the world, and 99% of their users don't know much more than how to click. They are easy victims of cyber criminals' agendas.
Ten Million Zombies Distributing Spam and Malware Every Day
Panda Security's laboratory for detecting and analyzing malware has announced the findings from a joint report with CommTouch on the current state of spam. The report found that on average during the second quarter of this year, more than 10 million zombie computers (systems infected by 'bots' and controlled remotely by cyber criminals) were sending spam and emails with malware every day.
See: Bear prints found on Georgian cyber-attacks, By John Leyden, The Register, 8/14/2008
Note that the report found ten million computers on the botnets. Those machines are capable of sending a couple of million spam emails a day.
Russians may not be responsible for cyberattacks on Georgia
Although few will speculate who else would want to attack Georgia, Joel Hruska seems to suspect otherwise. He reports for the Ars Technica network:
Earlier this week, we covered a report from the Georgian Foreign Ministry, claiming that the Russian Business Network (RBN) was actively engaged in cyberwarfare against Georgia -- with the blessing and backing of the Russian government. There have been no new reports from that source, but several security experts have spoken up, and raised the question of whether or not the Russian government is actually involved.
See: Joel's full story
How botnets work
Open this schematic of how a botnet works for a fairly clear example of the typical botnet.
Once programmed to do the dirty work, any email or web site can be loaded with the software required to infect the unwary user's computer. Once the computer is compromised, the "zombie" malware sits, undetected, and waits for the next cue, which is usually delivered via email, or directly via peer-to-peer. The victim only has to connect to the internet.
The honorable resolution
I think it's time the Justice Department hires the brightest programmers to build an anti-botnet zombie, and send it out to do honorable work detecting and disabling cybercrime botnets -- and to bring the swift sword of justice to the task of either forcing ICANN to disable rogue registrars -- or rebuilding ICANN from the bottom up to do the job it is supposed to be doing.
The risks and threats of botnet-inflicted cyberwar are indeed real and present.
The question is, what is going to be done about it?
Thanks for reading...
Fred Showker, Editor, Graphic Design & Publishing