Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Microsoft exposes scope of botnet threat

Microsoft's latest Security Intelligence Report focuses on the expanding threat posed by bots and botnets

Microsoft this week unveiled the ninth volume of its Security Intelligence Report (SIR). The semi-annual assessment of the state of computer and Internet security and overview of the threat landscape generally yields some valuable information. This particular edition of the Security Intelligence Report focuses its attention on the threat posed by botnets.

A Microsoft Malware Protection Center blog post explains, "We've dedicated this particular volume to the study of botnets and the role that they play in the malware world. You'll find a historical anthology of how botnets came to be along with modern-day examples, including the most prevalent families and differences in their geographical distribution."

Adrienne Hall, general manager for Microsoft Trustworthy Computing, elaborates on the botnet threat. "Botnets are the launch pad for much of today's criminal activity on the Internet. In many ways, they are the perfect base of operations for computer criminals. Botnets are a valuable asset for their owners--bot herders--who make money by hiring them out to other cyber criminals to use as a route to market for cybercrime attacks such as phishing attacks, spam attacks, identity theft, click fraud and the distribution of scam emails. Bot herders guard their botnets jealously and invest huge amounts of time, effort and money in them."

Hall adds that recent attempts at thwarting botnets have had some limited success. "The good news is there are clear indications that aggressive, creative disruption efforts by the software industry, law enforcement agencies, government entities, and academics are having an impact on botnets: we've seen successful botnet takedowns against Waledac, led by Microsoft and the Mariposa bot arrests, led by Spanish authorities."

The problem is that malware developers create new bots and bot variants, and PCs are compromised by bots and assimilated into massive botnets significantly faster than any reactive security approach could ever hope to contend with. Microsoft and others deserve kudos for the success against botnets thus far, but long term there has to be a better way.

Thankfully, security is getting more attention at all levels and the focus increasingly is on how to proactively protect rather than reactively defend. Commenting on McAfee's initiative to promote "offensive security," Dave Marcus, director of security research and communications for McAfee Labs said, "As we look at the evolution of risky domains and Web sites over multiple years, we can't avoid the conclusion that the risk keeps increasing in both volume and sophistication. If we want to stop being victims, then the good guys need to advance security efforts as threats evolve."

In another example of thinking beyond the traditional computer and network security box, Microsoft's Scott Charney recently proposed a global PC infection response system similar to the approach used by the World Health Organization to contain and manage pandemic biological infections. Implementing a system that can scan and quarantine compromised systems to protect the rest of the Internet is one way to avoid the rampant spread of malware.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Adobe, etwork, Mariposa, McAfee, Microsoft, Sick, SIR, World Health Organization
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: antispam, Intel, malware, Microsoft, online security, phishing, security, spam, viruses
Latest Blog Posts
Whitepapers
  • Automating Your Processes to Outperform Your Competition
    Welcome to Volume Three of the “Intelligent Guide to Enterprise BPM.” Get ready for an education in automation—Process Automation, that is. This white paper goes into detail about the Process Automation entry point into an Enterprise Business Process Management (BPM) program. Read on to learn how Process Automation opens up new ways to help your business do things faster—like open up a new sales channel or deliver customer orders. Discover how Process Automation enables your business to run smoother and consistently in an orchestrated way. With a true Enterprise BPM solution, you can automate newly designed processes far easier than starting from scratch.
    Learn more »
  • Managing Trust - Data protection and compliance for financial services
    If it’s becoming something of a cliché that the financial services industry is one of the world’s most heavily regulated, that’s largely because it’s true. Data retention and archiving, authentication and authorisation, data loss prevention and privacy regulations compete with demands for transparency and accountability, while market imperatives calling for multiple service channels delivered over a broad spread of technologies add to the pressure. Read on.
    Learn more »
  • Best Practices for Oracle License Management: Optimise Usage and Minimise Audit Liability
    With Oracle audits on the rise, organisations that can best align license agreements with actual database and option usage can reduce their financial risk and maximise the value of their Oracle investments. The goal is to “right-size” Oracle across the enterprise and gain control over the entire license management process – from accurate needs projections and licensing negotiations, to deployments and audit preparation. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments