Cyber security threats grow in sophistication, subtlety
- — 16 October, 2008 09:26
Researchers at GTISC estimate that 15 percent of all online computers in 2008 will become part of botnets -- infected with code that effectively puts them under the control of a remote botmaster. That's up from an estimated 10 percent in 2007.
One massive recent botnet was created by an 18-year-old New Zealander.
Infections can occur even through legitimate Web sites, botnet delivery mechanisms are becoming more sophisticated and subtle, and users don't have to actually do anything, except load a Web page, in order to enable botnet infections.
Uncovering bot communications is extremely difficult, according to Wenke Lee, an associate professor at GTISC and a leading botnet researcher. "It's very difficult to filter bot traffic at the network edge since it uses http and every enterprise allows http traffic," Lee says.
The GTISC report cites a second quarter 2008 assessment by Panda Labs, which found 10 million bot computers were used to distribute spam and malware over the Internet every day.
One of the most troubling sections in the report deals with cyberwar: the deliberate use by one nation of computer technology to weaken, cripple or confuse an enemy nation's military, economic and infrastructure assets.
The report cites the work of Don Jackson, director of threat intelligence for SecureWorks, in compiling research that implicates the Russian government in cyber attacks against Georgia just a few months ago. For example, most Georgian Internet traffic is routed through Turkey and Russia. As of August 10, 2008, the day after the Russian Air Force was given the green light for air attacks, traffic routed through Turkey was almost completely blocked, and IP traffic through Russia "was slow and effectively unusable," according to the GTISC report.
Estonia faced cyber attacks in 2007.