Tuesday, December 9, 2008

Botnets : The next generation of weapons of mass distruction

"The current issue of Policy Review has a paper by an American computer scientist and the recent Permanent Undersecretary of Defense for Estonia. Drawing on the Estonian cyber attacks a year and a half ago, as well as other recent examples, they argue that botnets are the major problem. They propose that botnets should be designated 'eWMDs' — electronic weapons of mass destruction

So what is cyber attacks & cyber warfare?

Cyber warfare is asymmetric warfare; more is at risk for us than for most of our potential adversaries. Another asymmetric aspect is that the victims of cyber warfare may never be able to determine the identity of their actual attacker. Thus, America cannot meet this threat by relying solely upon a strategy of retaliation, or even offensive operations in general.

Cyber attacks are best accomplished through exploiting intelligence on the enemy’s networks and servers, and on those servers’ software, the current vulnerabilities of the software’s applications, and standard security practices and typical lapses. Cyber attackers can exploit their targets’ networks and servers such that those systems not only stop supporting their intended purposes, but actually work against those purposes. As evidenced by recent attacks on the Pentagon computer system, the United States must assume that our potential adversaries in the world are preparing for such attacks.

read more

What is the best experince of a cyber attack ?

In the Bruce Willis thriller “Live Free or Die Hard,” fiendish computer hackers throw the United States into a wild tailspin of fire and flood and national gridlock. But you need not to go to the silverscreen to witness this. Many banks and finacial organizations faces the treat of such attacks. In addtiion when the entire defence network depends on the communication channels an attack on that chaneel makes the user vanerable to all types of attacks.

the Estoinan experiece is a clear example. On May 2007, the events that took placein Tallinn, the capital of Estonia, proved everyone wrong. On that day, Estonia fell victim to the first-ever, real Internet war. Read more

So what is a botnet ?

Botnet is a jargon term for a collection of software robots, or bots, that run autonomously . The term is often associated with malicious software but it can also refer to the network of computers using distributed computing software.

While the term "botnet" can be used to refer to any group of bots, such as IRC bots, this word is generally used to refer to a collection of compromised computers (called Zombie computers) running software, usually installed via worms, Trojan horses, or backdoors, under a common command-and-control infrastructure.

(Wikipedia)

Some of the proposed solutions are dicussed in the following article.
Read more

No comments: