BBC botnet ‘reckless’, may inspire copycats

Sophos says BBC TV segment highlighting the power of botnets went too far.

Sophos CTO Paul Ducklin

Security company Sophos has lashed out at the BBC for commandeering some 22,000 computers earlier this month, claiming the move was a reckless breach of privacy that could inspire a wave of vigilante copycats.

The computers were assembled into a botnet by the BBC following advice from hackers in online chatrooms, and were then used to spam dummy Hotmail and Gmail accounts to demonstrate the machinations of spam in its Click TV segment.

Thousands of spam e-mails, each with unique subject lines generated by Google keyword searches, bypassed the Hotmail and Gmail spam filters and hit the inboxes within about two hours.

Sophos chief technology officer Paul Ducklin said the demonstration, which also changed the desktop backgrounds on hijacked computers, was reckless because altering system data could have had unintended and dire effects.

“The BBC issued remote commands for its [Click] television program, using a criminal piece of software, from the author they've never met and which quality they've got to presume is dodgy,” Ducklin said.

“The commands to change the wallpaper could have hanged the computers. What if those [affected] were uploading a tax return, or a prescription for diabetes medication?

“It's not for the BBC to make that decision. I'm sure their motives were good, but they have set a dangerous precedent because the last thing we want is gangs of wannabe anti-virus vigilantes roaming the Internet and issuing commands to botnets,” he said.

Ducklin said the typical kill commands issued to liberate infected computers from botnet control, and presumably used by the BBC test, can be rewired by hackers to wipe hard drives and critical system data.

“The only good reason to [issue a kill command] is if the botnet was going to be used to do something terrible... not just to stop spam,” he said.

The BBC test also directed the infected computers to perform a denial-of-service attack on a test web site.

A quarter of all computers are part of a botnet, according to statistics from security research organisation TRACE. Despite this, most malware used to infect machines can be removed by basic anti-virus programs.

Ducklin said businesses should bolster internal security such as Network Access Controls to thwart rising attempts by botnet masters to dodge hardened external security and inject malware directly into corporate networks using infected portable devices.

He said the bot controllers, which are often Linux servers, are virtually impossible to locate.

Peter Linich, senior network administrator for the school of computer science and engineering at the University of New South Wales, previously told Computerworld that Linux servers are extremely valuable for botnets because they are typically online more than 10 months of the year.

“We can't make sure users who need to administer their own computers use good passwords; a bad password choice is a damn good way to risk getting their machine compromised no matter how attentive they are to keeping their machines patched,” Linich said.

The BBC has defended itself against media allegations that the demonstration was illegal, and said it did not pay hackers for access to the infected machines.

A list of 20 million legitimate e-mail addresses can cost up to $1000, according to the BBC botnet report.

Botnet masters — the masterminds behind the zombie computer networks — have received prison sentences of up to four years in recent history for using the machines to issue spam and denial-of-service attacks.

Darren Pauli
