TechWeb

FBI Arrests Bot Masters As Cyber Crime Worsens

Nov 29, 2007 (12:11 PM EST)

Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=204301293


Even as the FBI on Thursday announced a series of arrests in conjunction with its ongoing campaign against botnets, computer security company McAfee warned that there's no end in sight to the fight against cyber crime.

The FBI said that since June, when it announced "Operation Bot Roast," eight individuals have been indicted, plead guilty, or were sentenced for criminal activity related to botnets and that 13 warrants haven been served in the U.S. and overseas in connection with the effort.

"Today, botnets are the weapon of choice of cyber criminals," said FBI Director Robert S. Mueller, III in a statement. "They seek to conceal their criminal activities by using third-party computers as vehicles for their crimes. In Bot Roast II, we see the diverse and complex nature of crimes that are being committed through the use of botnets. Despite this enormous challenge, we will continue to be aggressive in finding those responsible for attempting to exploit unknowing Internet users."

The FBI should find no shortage of work going forward. According to Secure Computing, a computer security firm, three computers somewhere in the world are subverted and turned into bots every second.

In its new Virtual Criminology Report, McAfee warns that cyber espionage has moved from tentative probing to well-funded, well-organized campaigns for financial, technical, and political gain. The report sees online services becoming increasingly vulnerable to sophisticated attacks and the emergence of a market for software flaws and bots.

"Cyber crime is a grim reality that's growing at an alarming rate, and no one is immune to the mounting threat," McAfee warns. "It is costing consumers, businesses, and nations billions of dollars annually, and there's no end in sight."

While it's tempting to see the FBI's victories as a sign of progress and to dismiss the drumbeat of dread sounded by companies that make a market in fear, no one responsible for informational assets can safely afford to do so. And McAfee is not alone in its concern.

"Chinese espionage activities in the United States are so extensive that they comprise the single greatest risk to the security of American technologies," the U.S.-China Economic and Security Review Commission warned Congress in a report earlier this month.

While the Chinese government has consistently denied any involvement in cyber attacks, the McAfee report details cyber espionage by attackers based in China against government agencies in the U.S., Australia, Germany, India, and New Zealand.

It should be said that China is not alone in such activities. As Johannes Ullrich, chief research officer at the SANS Institute, puts it in the McAfee report, "Everyone is hacking everyone."

Perhaps that's because no one is really secure. After all, if computers at the U.S. Department of Defense can get hacked, as happened in June, what chance does the average Joe have?

Dave Marcus, security research and communications manager at McAfee Avert Lab, nonetheless declined to characterize his company's report as dire. There's lots of threat mitigation that can be done that's not related to purchases of products, he insisted, pointing to router filters, whitelists and blacklists.

Marcus conceded that online social engineering attacks -- click here to see if you're a winner -- aren't easily dealt with through technology but noted that confidence tricksters exist in the real world too. "That can only be mitigated through education," he said.

"Applications are coded by human beings so there are always going to be vulnerabilities in code," said Marcus. "It's certainly complex but it's also certainly manageable."

Pointing to trends like the push toward virtualization, which many security companies expect will lead to more vulnerabilities, Marcus said that security needs to be planned for from the outset. "Administrators need to think about architecting security in at the beginning rather than after they're deployed 10,000 machines," he said.

In the real world, crime exists and many people go about their lives without being affected, thanks in part of common sense defenses like avoiding high-crime neighborhoods and behavior that might bring the attention of criminals.

The problem with applying that model to the online world is that in cyberspace, everyone lives in the same bad neighborhood and the criminals can use automated scanning tools to find victims, without much fear of detection or arrest.