BBC botnet ‘reckless’, may inspire copycats

Sophos says BBC TV segment highlighting the power of botnets went too far.

Sophos CTO Paul Ducklin

Sophos CTO Paul Ducklin

Security company Sophos has lashed out at the BBC for commandeering some 22,000 computers earlier this month, claiming the move was a reckless breach of privacy that could inspire a wave of vigilante copycats.

The computers were assembled into a botnet by the BBC following advice from hackers in online chatrooms, and were then use to spam dummy Hotmail and Gmail accounts to demonstrate the machinations of spam in its Click TV segment.

Thousands of spam e-mails, each with unique subject lines generated by Google keyword searches, bypassed the Hotmail and Gmail spam filters and hit the inboxes within about two hours.

Kill commands issued to liberate infected computers can be rewired to wipe hard drives

Sophos

Sophos chief technology officer Paul Ducklin said the demonstration, which also changed the desktop backgrounds on hijacked computers, was reckless because altering system data could have had unintended and dire effects.

“The BBC issued remote commands for its [Click] television program, using a criminal piece of software, from the author they've never met and which quality they've got to presume is dodgy,” Ducklin said.

“The commands to change the wallpaper could have hanged the computers. What if those [affected] were uploading a tax return, or a prescription for diabetes medication?

“It's not for the BBC to make that decision. I'm sure their motives were good, but they have set a dangerous precedent because the last thing we want is gangs of wannabe anti-virus vigilantes roaming the Internet and issuing commands to botnets,” he said.

Ducklin said the typical kill commands issued to liberate infected computers from botnet control, and presumably used by the BBC test, can be rewired by hackers to wipe hard drives and critical system data.

“The only good reason to [issue a kill command] is if the botnet was going to be used to do something terrible... not just to stop spam,” he said.

The BBC test also directed the infected computers to perform a denial-of-service attack on a test web site.

A quarter of all computers are part of a botnet, according to statistics from security research organisation TRACE. Despite this, most malware used to infect machines can be removed by basic anti-virus programs.

Ducklin said businesses should bolster internal security such as Network Access Controls to thwart rising attempts by botnet masters to dodge hardened external security and inject malware directly into corporate networks using infected portable devices.

He said the bot controllers, which are often Linux servers, are virtually impossible to locate.

University of New South Wales senior network administrator for the school of computer science and engineering Peter Linich previously told Computerworld Linux servers are extremely valuable for botnets because they are typically online more than 10 months of the year.

“We can't make sure users who need to administer their own computers use good passwords; a bad password choice is a damn good way to risk getting their machine compromised no matter how attentive they are to keeping their machines patched,” Linich said.

The BBC has defended media allegations that the demonstration was illegal, and said it did not pay hackers for access to the infected machines.

A list of 20 million legitimate e-mail address can cost up to $1000, according to the BBC botnet report.

Botnet masters — the masterminds behind the zombie computer networks — have received prison sentences of up to four years in recent history for using the machines to issue spam and denial of service attacks.

Tags botnets

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Darren Pauli

Computerworld

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?