Saturday, June 12, 2010

On the CRS Report for Congress “Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress” [6]

At present, Internet security is one of the major concerns of institutions, large companies and governments alike. I believe any institution that depends on a computer network, most likely the Internet, to keep its business going is aware of these problems. And if they are still not aware, then they should be, because there is a great possibility that their networks are being used to pursue illegal activities.


The report articulated several scenarios in which institutions and groups of individuals hostile to the US government could make use of existing technologies to cripple the country’s economy. It explored the possibility of a coordinated attack against US government-owned IT infrastructure. Although such possibilities exist, the agencies concerned downplay the extent of the real damage such attacks could cause. They argued that recovery from such attacks can be handled much as they have handled natural calamities in the past, e.g. flooding, earthquakes, or random machine breakdowns. They also argued that the cost of mounting such attacks outweighs the benefit they give, which should deter anyone from even attempting them.


Another concern discussed in the report is the commercialization of the tools and the technical skills needed to commit cybercrime. The ease with which one can earn money by stealing financial information, trade secrets, etc. and selling them on underground markets lures more “brilliant” individuals into this kind of activity. The motivation behind these attacks is no longer purely financial in nature; some are initiated by groups to push political and social reforms [6].


The report mentions botnets throughout. Russian-based Kaspersky Lab reported that the major threat plaguing the Internet today is botnets [1]. Botnets (bot networks) are networks of compromised machines controlled by an attacker called the “bot master” [2]. Botnets are largely responsible for the spread of malware across the Internet, which leads to the theft of personal information and other sensitive data from government institutions and from companies that store confidential customer information. Furthermore, botnets have been used in DDoS attacks and have proved to be very efficient at them [4]. In most cases, the infected computers are home personal computers that are unprotected or whose owners are not well aware of these security threats.


One of the major problems that security researchers face in dealing with botnets and similar security threats is the high level of technical proficiency of the individuals behind them. The technical complexity of the tools and techniques these hackers use, e.g. code encryption and obfuscation, keeps increasing, to the point that security researchers are unable to get close to them. In many cases, such individuals monitor the activities of the security researchers investigating them, which enables them to develop even better ways to avert and prevent detection [5].


Another factor is the extent of the infection already spread across the Internet. The large number of infected computers and established C&C servers makes the complete takedown of these networks much more difficult [3]. The use of a peer-to-peer architecture instead of the traditional centralized C&C structure in the botnets surfacing nowadays makes it even harder for security professionals to reduce the severity of the threat they pose.
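The takedown argument above can be made concrete with a small graph experiment. The following is an added example, not code from the original post or from any of the cited reports: it builds a constructed star topology (bots that talk only to one or more C&C servers) and a constructed peer-to-peer topology (each bot keeps a short peer list; here a deterministic ring-with-chords stand-in for the random peer lists a real P2P botnet would use), removes the highest-degree nodes as a takedown would, and measures what fraction of the network is still mutually reachable afterwards. All node counts, peer-list sizes and the `n_servers` parameter are assumptions chosen for illustration.

```python
"""Added example: why removing C&C servers defeats a star-shaped botnet but
barely dents a peer-to-peer one. Topologies are constructed, not real data."""
from collections import deque


def star_topology(n_bots, n_servers=1):
    """Traditional C&C: nodes 0..n_servers-1 are servers, every bot links only to them."""
    adj = {i: set() for i in range(n_servers + n_bots)}
    for bot in range(n_servers, n_servers + n_bots):
        for srv in range(n_servers):
            adj[bot].add(srv)
            adj[srv].add(bot)
    return adj


def p2p_topology(n_bots):
    """Constructed P2P stand-in: bot i keeps peers i+1, i+2 and i+n/3 (mod n), so every
    node has the same small degree and there is no privileged server to seize."""
    adj = {i: set() for i in range(n_bots)}
    for bot in range(n_bots):
        for offset in (1, 2, n_bots // 3):
            peer = (bot + offset) % n_bots
            adj[bot].add(peer)
            adj[peer].add(bot)
    return adj


def remove_nodes(adj, victims):
    """Simulate a takedown: delete the victim nodes and every edge touching them."""
    return {v: {nb for nb in nbrs if nb not in victims}
            for v, nbrs in adj.items() if v not in victims}


def largest_component_fraction(adj, total):
    """Size of the largest connected group, as a fraction of the pre-takedown population."""
    seen, best = set(), 0
    for start in adj:
        if start in seen:
            continue
        queue, size = deque([start]), 0
        seen.add(start)
        while queue:                      # plain breadth-first search
            node = queue.popleft()
            size += 1
            for nb in adj[node]:
                if nb not in seen:
                    seen.add(nb)
                    queue.append(nb)
        best = max(best, size)
    return best / total if total else 0.0


def takedown_residual(adj, n_remove):
    """Remove the n_remove highest-degree nodes (the natural takedown targets) and
    report what fraction of the original network can still reach each other."""
    total = len(adj)
    by_degree = sorted(adj, key=lambda v: len(adj[v]), reverse=True)
    return largest_component_fraction(remove_nodes(adj, set(by_degree[:n_remove])), total)


if __name__ == "__main__":
    for label, graph, k in (("star, 1 server", star_topology(100, 1), 1),
                            ("star, 3 servers", star_topology(100, 3), 1),
                            ("star, 3 servers", star_topology(100, 3), 3),
                            ("p2p, 100 bots", p2p_topology(100), 5)):
        print(f"{label:16s} remove {k}: {takedown_residual(graph, k):.2f} still connected")
```

With one server, seizing that single node leaves every bot isolated (residual fraction about 0.01); with three servers a single seizure changes almost nothing, and all three must go. In the constructed peer-to-peer graph, removing the five "best" targets still leaves 95% of the bots mutually reachable, which is the structural reason the post gives for P2P botnets being harder to dismantle, and the reason defenders shift effort toward cleaning individual hosts rather than hunting a central server.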


In most cases, the proliferation of malicious programs or Trojan horses (which turn a computer into a zombie) can be attributed largely to unsuspecting Internet users who are unaware of the security risks lurking on the World Wide Web. I believe that a sufficient and massive information campaign about these security risks, aimed at the majority of Internet users, should be considered. I think it is safe to assume that the majority of Internet users are not really aware of these prevailing security issues, which makes them even more vulnerable. We should increase everyone’s awareness of these security trends. Preventive security should be initiated at the end-user/client level. I don’t mean to cause paranoia among individuals who do not really want to be bothered by these things. But since unsuspecting Internet users play a major role in the spread of these botnets, we don’t have a choice but to force the issue on them. I am not saying that this will put a stop to this kind of cyber-attack. But at the very least, this initiative should decrease the number of infected systems and possibly prevent further infections in the future. And during these times, every bit of help we can get counts.

References:
1. [http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci1030284,00.html]

2. Grizzard, Julian B., et al. “Peer-to-Peer Botnets: Overview and Case Study”. Usenix.org, at [http://www.usenix.org/event/hotbots07/tech/full_papers/grizzard/grizzard_html/]

3. Fisher, Dennis. “Botnets using ubiquity as security”. ThreatPost.com, at [http://threatpost.com/en_us/blogs/botnets-using-ubiquity-security-060710]

4. “Robot Wars – How Botnets Work”. WindowSecurity.com, at [http://www.windowsecurity.com/articles/Robot-Wars-How-Botnets-Work.html]

5. VitalyK. “Gumblar: Farewell Japan”. Securelist.com, at [http://www.securelist.com/en/blog/2132/Gumblar_Farewell_Japan].

6. Wilson, Clay. “Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress”. CRS Report for Congress. January 29, 2008.
