Rise of the Small Botnet
wiredmikey writes "Botnets controlled by criminal enterprises all over the world continue to multiply at a steep rate, and it is now arguably the smaller, harder-to-trace operations that organizations should be the most worried about. Not only are smaller botnets cheaper and easier to build out and operate, but criminals have already realized that large-scale botnet activity attracts unwanted attention, and not just of law enforcement."
Yes, but the larger the botnet, the more of a target for takedown it becomes. Running smaller botnets under the radar for a longer period of time can be more effective with less of a chance of being caught.
I know for a fact that Linux boxes, especially servers on the net, get compromised and used by criminals from unknown locations on the planet. But botnets are made almost entirely of PCs running Microsoft Windows. Whether the OS, the apps running on it, or both are the ultimate cause, it all has MS Windows in common.
All this botnet crap going on all over the planet could be halted in very short order if Microsoft would "man up" and do something about it. With every new release of an OS, it makes a choice and every time it has chosen to maintain the old ways instead of fixing the problems. Perhaps my perspective on this is a little wrong. I have not yet, for example, seen a compromised Windows 7 machine. (That's not because they can't be, it's simply because I haven't seen one yet and a lot of people don't want to use Windows 7.)
If I was in control of a beef company and the bovine products I was distributing were tied to global illness and crap like that, there would be no end to the complaints and measures taken against me. But somehow, the world hasn't managed to point enough fingers at Microsoft demanding that they do something about the problem. The only finger pointers are pretty much the IT crowd and no one listens to us. It is fascinating to me because the problems with compromised Windows machines have a massive economic effect which, as we all know, is far more important than global health and general public safety.
Organizations shouldn't be worried about small botnets simply because they haven't attracted the attention of law enforcement -- they should be afraid because their antivirus won't have a signature for the malware being propagated by small botnets. And what's the point of advising organizations to be worried about small botnets? Fear doesn't increase security.