Rise of the Small Botnet

wiredmikey writes "Botnets controlled by criminal enterprises all over the world continue to multiply at a steep rate, and it is now arguably the smaller, harder-to-trace operations that organizations should be the most worried about. Not only are smaller botnets cheaper and easier to build out and operate, but criminals have already realized that large-scale botnet activity attracts unwanted attention, and not just of law enforcement."

Re:Small botnet?

[wiredmikey]

Yes, but the larger the botnet it becomes more of a target for takedown. Running smaller botnets under the radar for a longer period of time can be more effective with less of a chance of being caught.

Where is the Microsoft or Windows tag?

[erroneus]

I know for a fact that Linux boxes, especially servers on the net, get compromised and used by criminals from unknown locations on the planet. But botnets are made almost entirely of PCs running Microsoft Windows. Whether it is the OS or the apps running on it or both are the ultimate cause, it all has MS Windows in common.

All this botnet crap going on all over the planet could be halted in very short order if Microsoft would "man up" and do something about it. With every new release of an OS, it makes a choice and every time it has chosen to maintain the old ways instead of fixing the problems. Perhaps my perspective on this is a little wrong. I have not yet, for example, seen a compromised Windows 7 machine. (That's not because they can't be, it's simply because I haven't seen one yet and a lot of people don't want to use Windows 7.)

If I was in control of a beef company and the bovine products I was distributing was tied to global illness and crap like that, there would be no end to the complaints and measures taken against me. But somehow, the world hasn't managed to point enough fingers at Microsoft demanding that they do something about the problem. The only finger pointers are pretty much the IT crowd and no one listens to us. It is fascinating to me because the problems with compromised Windows machines has massive economic effect which, as we all know, is far more important than global health and general public safety.

Re:Where is the Microsoft or Windows tag?

[Spad]

The vast majority of current exploits are targeted at applications, rather than OSs; primarily Acrobat Reader and Java at the moment.

Regardless, no OS can overcome the problem of permitting users to carry out administrative tasks without allowing them to execute malicious code when they really, really want to see the dancing bunnies.

Nothing Like a Large Botnet

[MyLongNickName]

To really do damage to a webserver, you need a large botnet.

Re:Nothing Like a Large Botnet

[MyLongNickName]

Heh, Flamebait :) Some mod is having fun modding me down today. Here's another one to waste your points on :)

Re:Spread of intrusion?

[MyLongNickName]

I'm posting from ThePromenader's unmonitored servers.

Re:How does this make sense?

[captainpanic]

Fear actually does increase security... well... in a way.

Consultants call this fear "awareness". And if you want a general group to implement any measures, you have to "create awareness". It's a well-known fact.
So, because of the awareness, security measures are taken.

Not only the cyber security, but also physical security (security companies and weapons industry) thrive because of the awareness of all kinds of problems (security leaks, terrorism, etc).
The real question is: is the threat as big as it is portrayed?

Re:Step 1. bot net - Step 2. Profit!

[Shark]

As an ISP, we actively track and warn customers that are infected. It was a bit of a hurdle at first but merely making our customers aware of the possibility has drastically decreased the number of infections despite the steady increase in number of customers.