Friday, November 11, 2011

The Botnet War


Tom Brewster's article of November 11, 2011 in ITPRO, titled 'The War on Botnets', gives an interesting account of the fight against botnets and the cyber underworld. It details recent successes that followed collaboration between law enforcement and the security industry, along with international cooperation.
http://www.itpro.co.uk/637312/the-war-on-botnets/

The recent success in bringing down the 'DNS Changer' botnet follows eight years of botnet discoveries and dismantlings, going back to 2003. Botnet terminations have been followed by significant drops in spam, PC infections and cybercrime.

Some of the major botnets that were discovered and dismantled since 2008 are:
McColo - 2008
Mariposa (infected 13 million PCs) - 2009
Mega-D - 2009
Waledac - 2010
Bredolab - 2010
Coreflood - 2011
Rustock - March 2011
Kelihos - October 2011
DNS Changer - November 2011

Noteworthy international cooperation to fight botnets and cybercrime dates only from 2008.
The security industry has also collaborated in the efforts. Microsoft was responsible for smashing the Waledac, Rustock and Kelihos botnets as part of Project MARS (Microsoft Active Response for Security), whose objective is to 'annihilate botnets and help make the internet a safe place'.
The MARS team worked with security companies such as Kaspersky and FireEye. For Kelihos, Microsoft used Kaspersky's live botnet tracking system, and Kaspersky Labs helped to reverse-engineer the bot malware and to deal with the P2P infrastructure used by the botnet.

Legal problems and the subdomain issue are the battles still to be fought. The subdomain issue concerns top-level domains hosting thousands of subdomains that botnets use for malicious hosting.

-Joseph Ponnoly







