Botnets: The end of the web as we know it?
March 29, 2007
By Patrick Metzger, CBC News
Imagine your home computer and a half-million others being secretly commandeered by criminals who use them remotely to send spam e-mails, spread viruses, steal personal information — even crack the codes at credit card companies and banks.
Sound far-fetched? It's already happening. In the past five years, these so-called "zombie" robot networks — or "botnets" — have become the key to most serious internet crimes.
"It's not uncommon for the bad guys to have 50,000 or 100,000 or even half a million computers under their control, and they have the ability to constantly update and wreak havoc with what these machines are doing," said Jose Nazario, a security engineer with Arbor Networks, a network security company based in Lexington, Mass.
"They're overwhelming a lot of systems, and they're also able to attack the internet at large with massive numbers of machines, beyond the scope of what we've seen before," Nazario told CBC News Online.
At the least, the botnets pose such a threat that they could lead to changes in the very nature of the internet.
And in worst-case scenarios? The botnets could be unleashed to cause chaos at airports and other transportation hubs, paralyze companies' financial systems so workers go unpaid, and permanently destroy vital records at hospitals, schools and other institutions.
Will virtual 'gated communities' arise?
Jonathan Zittrain, a professor of internet governance and regulation at Oxford University's Internet Institute, warns that these and other apocalyptic visions are possible.
"Combine one well-written worm [a type of self-replicating virus] of the sort that can evade firewalls and anti-virus software with one truly malicious worm-writer, and we have the prospect of a panic-generating event that could spill over to the real world," Zittrain writes in a section of a book he's completing on the future of the web, which he e-mailed to CBC News Online.
Zittrain believes that without concerted action to secure the web, an overwhelming and entirely plausible e-terrorist attack could spell the end of the open internet.
Under this scenario, users and businesses could decide to retreat to the relative safety of closed-off networks or virtual "gated communities," severely limiting the universal creative process that has characterized the web to date.
"If digital gated communities become the norm, highly skilled internet users … will still be able to enjoy generative computing on platforms that are not locked down, but the rest of the public will not be brought along for the ride," he writes.
It could also mean that things our online society is coming to take for granted, like the ready downloading of software, video and other media, would become much more difficult or disappear altogether.
'Bot-herder' sentenced to 57 months in jail
Some "bot-herders," as they've been called, have been brought to justice: May 2006 saw the first successful U.S. prosecution for criminal botnet outsourcing.
Jeanson Ancheta, 21, of California, was sentenced to 57 months in federal prison for controlling as many as 400,000 bots.
He would rent the bots to "clients" who would then use them to send spam, install spyware and launch distributed denial of service (DDOS) attacks — floods of useless traffic that block users from gaining access to the network — against business rivals.
The judge noted that Ancheta's crimes were "extensive, serious and sophisticated."
Wesley Hsu, the deputy chief of the U.S. Justice Department's cyber and intellectual property crimes section in Los Angeles, said cases like Ancheta's are important.
"We're getting the word out that you can go to jail for this, that this is not some prank that we take lightly," Hsu said in a telephone interview.
Not easy to fight cybercrime
Prosecutions remain relatively few, however, as the nature and scale of the botnet problem make it difficult for law enforcement to address effectively.
"We're dealing with a kind of high-tech crime that [law enforcement] have never seen before," said Nazario of Arbor Networks.
"The people perpetrating this are not only experienced with programming these botnets, but also with how to hide themselves."
Joe Stewart, a senior researcher at the Atlanta-based security firm SecureWorks, agreed.
"It's not impossible to track these guys down, but it's technical," he told CBC News Online. "It takes people that really understand the guts of these things, and unfortunately there are not enough of these people in law enforcement."
Thorsten Holz of the German Honeynet Project, a group working to learn more about botnets, said lack of speed is one issue that has hampered the authorities.
"It takes too long. They always have to talk to the court to get permission, which takes at least a couple of weeks, and in this time the attackers can just move to another system."
A question of education and who to trust
More effective law enforcement is just one of the tools needed to defeat the cybercrooks, experts say. More education and caution are needed from home users, who have been called the weak link in the chain that allows the bots to flourish.
Symantec Internet Security says home users are the target of 86 per cent of internet attacks, largely because they are far less likely than corporate users to have effective security measures.
Home users can help keep their machines — and the web — free of trojans (malicious software disguised as a legitimate computer file or program) and bots through some basic, but often ignored, safety steps.
"I talk to law enforcement around the world and they tell me that when they knock on the door of someone whose machine has been compromised, there's a look of shock and horror — but invariably they find there are [security problems such as] no passwords, open wireless, no security software, etc.," said Vincent Weafer, the senior director of development at the information security firm Symantec Corp.
"The best-practice steps are very simple and they haven't changed over the last couple of years."
Any computer that attaches to the internet should always have up-to-date firewalls and anti-virus software in place, for example.
Of critical importance is the immediate installation of software updates as required, especially for Windows users, since bots often get access to machines through known holes in popular software.
Human weakness also continues to be a problem. Two serious worm outbreaks in 2006 — Storm and Meteor — spread to hundreds of thousands of computers because users ignored years of warnings and opened suspicious e-mail attachments from strangers.
Experts still hopeful
In spite of all these issues, security experts generally feel that the criminal botnets can be beaten without changing the way we use the internet.
SecureWorks' Stewart said he was confident the open web would continue, and Arbor's Nazario echoed the sentiment.
"I think we're going to win in the long run, and very few people will retreat to isolated networks," Nazario said. "When I think about this, I'm an optimist."
Still, Zittrain, who postulates a potentially darker future, may have the last word: "Internet technologists often dismiss the problems of viruses and worms … because technologists know how to protect themselves against them."