As reported by the magazine Computer world ,  the story that scared the whole USA  in early October about the digital attack to a water treatment plant in Pennsylvania  wasn’t actually that dramatic, indeed  problems weren’t caused by the criminal activities  of one or more  crackers, but they had been provoked by a virus that spread from an employee’s laptop to the main server. The virus was due to a botnet that was  believed to be used for mass-mailing spam.

False alarm: no cyber terrorist is targeting  water supplies, at the moment. But after  sighting  with relief  for there have been no terrorist attack , we should consider with care the implications that the constant increase of   botnets –networks of infected computers-  has brought about. 

The term is generally used to refer to a collection of compromised machines running programs, usually referred to as worms, Trojan horses, or backdoors, under a common command and control infrastructure (see the whole definition ).

Generally, the perpetrator of the botnet has compromised a series of systems that become elements belonging to the botnet. Newer bots can automatically scan their environment and propagate themselves using vulnerabilities and weak passwords.
Once computers are infected, and once botnet operators gain complete access to them,  they could  start filing up information about such machines, maybe concerning sensitive matters such as servers location and/or  about stored data. 
So, botnets perpetrators can get  total control over an unspecified and potentially unlimited number of computers that could be used for any purpose and even sold to the best bidder.  

Despite up to these days this kind of cybercrime has been treated with certain indifference, it seems that a new, aggressive approach will be taken to face botnets and the damages that they could convey.
Indeed, on October 26th  the 32-years-old John Bombard was condemned by a federal US court for being responsible of  the huge DDOS attack through a botnet, that in June 2004 provoked serious damages to the leading content delivery network Akamai .

Bombard used a variation of the worm known as Gaobot   and then launched a distributed denial of service attack to Akamai DNS, through his own botnet. Damages and losses were definitely big since during the whole attack all the websites and services supported by Akamai were interrupted.
Now  Mr. Bombard risks 2 years in prison and a $200.000 fine. 

So, a new category has been added to the list of  cyber-crimes that have to be persecuted,  but it is quite discouraging that the only way to face this kind of problems is just by punishing the perpetrator after  that the damage has been provoked.
Especially if we think about the fact that not only economic interests could be at risk and that the threat could not be only in the attack itself: data stored in the machines involved in a botnet could be exposed and used and we can easily guess the implications for homeland security of such an exposure, whose consequences would only depend on the nature of the data and on the orientation of the attacker.

Comments Index (Total Messages: 2)

anniyan Written by Guest on 2006-11-12 15:18:08 Re: anniyan Written by g4rf0x on 2006-11-18 22:01:46

Powered by a Zone-H(ified) version of AkoComment 3.0!