Why you and government need to seriously worry about Botnets
Posted by: Mel Morris
Botnets don't care about your antivirus, internet security suite or the Total Protection claims of your PC security supplier
What is a Botnet?
A Botnet is a massively powerful army of Personal Computers, like yours and mine, which can be directed, without our knowledge, to perform amazing tasks on behalf of criminals or terrorists. Not just simple tasks like sending spam but major, even life threatening, tasks like attacking commercial, government, infrastructure and other critical computer systems and networks. It is not inconceivable that Botnets could play a significant hostile role in any future terrorist attack.
Could my PC be part of a Botnet and how would I know?
Your PC could easily be part of a Botnet without you even knowing.
Why won't my antivirus or internet security suite protect my PC from being part of a Botnet?
Every day thousands of PCs are being silently recruited (infected) to form part of a Botnet, including those protected by well respected and up to date antivirus and internet security suites. Having an up to date security product is going to help. However, Botnet infections are mutating every day and no single security vendor or product exists which will catch even 80% of the new threats that emerge every day.
What risk is their to me if my PC is part of a Botnet?
There are enormous risks to you if your PC is part of a Botnet. Botnet infected PCs can be made to perform tasks using your PC without your knowledge. Almost all of those tasks are hostile in nature. It can steal information about you from your PC, or information displayed or enter on your PC, while you are doing online banking, buying online or just surfing. That information will be forwarded to criminal or terrorist groups who will choose to use, exploit or sell it.
While your PC is part of a Botnet it can be used for some horrendous acts. However, if these acts are noticed by the victims or law enforcement then it might appear that you have personally performed such acts with all sorts of ensuing issues.
Why are Botnets so little understood or little publicised?
Why indeed? Well people rarely know their PCs are infected, their security products will often tell them their PC is clean. Then there is the 'self interest' of the security vendors who have no interest in publicising the fact that their products are only 60-70% effective at best. The very existence of Botnets is a measure of the abject failing of today's antivirus and internet security suites to adequately protect our PCs. And finally, the criminals and terrorists who control these Botnets have no vested interest in shouting about how successful, or where they are!
How do I check if my PC is part of a Botnet?
If your PC internet connection seems unexplicably slow at times when you are checking your email or when surfing it could be a sign that a Botnet infection is using your internet connection to send or receive data. If this happens, stop surfing, close your email software (e.g. Outlook) and try and open Task Manager by pressing the CTRL, ALT and Delete keys at the same time then selecting Task Manager. When Task manager opens click on the Network tab and see if your PC is using the internet network connection, if it shows more than a few percent usage then this could be further evidence of something using your internet connection without your knowledge. If you are at all suspicious then download another security product like Prevx Edge from our web site, or choose any other good product such as AVG, Kaspersky, Panda, Sophos and others.
I recommend you use an alternative security product because if your PC is infected then it is almost certain that your existing security product has already let you down. If you scan with your current security product it will most likely say your PC is clean when it probably isn't.
If you find your PC is infected then you might want to consider adding another security product to your arsenal of protection or replacing your existing security.
5 comments so far
- Steve Rider on Mar 15 17:24, 2009
- TomC on Mar 17 3:47, 2009
- JessicaLoath on May 10 15:23, 2009
It might be useful to people interested in protecting their data to disclose which computer operating system(s) the malware infested PCs were running.
For example if it just so happened to be the case that 100% of these trojan infections were on Microsoft Windows PCs, this information might help the reader to make informed decisions for future use.
As the owner of a small computer repair shop, I'm happy to see this information finally published. 80% of my work is disinfecting computers that have been rooted (rootkit infection). After finding several hiding in the MFT, we now routinely zero-fill the HD before reinstalling the OS.
Our security "suite" consists of the well-known adware/spyware apps, a free AV and mandatory installation/use of Firefox with the NoScript plug-in. We also try to educate the customer on the potential abuse from spam/IM (attachments and links), 3rd party apps (Acrobat, Quiktime), P2P downloads, free games, screensavers, etc.)
Our #1 recommendation is to stay away from as much of MS as you can (Live, MSN Explorer, IE, etc.) because of the history of vulnerabilities. Hackers target the largest install-base and includes the Symantecs, McAfee, Trendmicro, etc.
We also try to get the customer to understand that complacency created by the claims of PC and AV vendors, is one of the most easiest vulnerabilities to exploit. Saved passwords, remember-me logins - anything that is stored in the PC is harvestable.
Keep up the good work....
That was nice. Thank you for sharing this one.
Thank you for getting this information out. There a number of things a user can do besides getting more and more software that ends up wanting full access to your computer and connections. What we need to do is pool the "tricks and tips" to configure what we already have on/in our system.
I have been getting informed big time on Botnets and other black hat ops. But, most would rather allow others to take responsibility for what happens on thier computer.
Computers are wonderful tools, but, can be misused quite evilly. The lazy will just have to spend some time getting thoughly educated about thier computer and then take some real measures.
I make my computer a unreliable Bothost by doing a few things, one of which, is turning OFF my cable modem if I see my computer being overtaxed.
Please, put more info/links on botnets and related info.
Ben
Try loving one another ... see what happens!