The Great Cyberwar



It went un-noticed by most people for a few years. After all, the ones that were affected were just those that were “asking for it”. Where to start. Let’s see, back in the day there were some that sent out messages to other peoples computers and even when people tried to stop getting the messages they kept coming, so a few sites decided that if they could “blacklist” the places that these messages were coming from, they could help people deal with the mass of messages. So they did, and the people sending the unwanted messages were a bit frustrated and improved their distribution a bit, taking over virus infected pcs for sending their messages. The defenders matched and started blacklisting dialup addresses as mail sources. It was frustrating for those doing legitimate mail servers on a dynamic internet address, but there were legitimate ways to fix the problem. But the senders of the messages got mad.


They used the army of spam bots that they had cultivated to attack the blacklisters, from time to time they would deny service to their websites and frustrate the effectiveness of their service. Once, to show the power of a botnet several big name websites were taken down for a better part of a day, then the attack just went away. It was just a flexing of muscle. Of course, THAT made big news for a day or so, then life went back to normal. The attack against spam blacklisters continued off and on, but most people don’t really care about that. OH they hate junkmail, but they just don’t know if blacklisting is the answer. Maybe it’s not anyway.

Occasionally, the botnets were used for other kinds of attacks too. Not against anybody that you’d jump to defend. Mostly against gambling sites. They’d basically say, ok it’s going to take $$$$ to make sure people can still reach your site tomorrow. After all gambling is at the edge of the law in many places, they don’t have much wiggle room to contact authorities. So, again, people didn’t take big note of it.

Then, there was a company that had another idea for getting people out of junk message mailing lists. They would follow the law, which allowed a removal request to be sent for each message received. They had a download client that would automate the process, but stay within the law. The effect was close to a denial of service for some of the big junk mailers. Some quickly conceded and cleaned their lists, but some took the lists and turned on the users of the service, and ultimately there was a massive botnet attack against that service that went on and on, eventually causing them to close up their doors.

Then there was another site. They were dedicated to computer security, to helping people remove viruses and spyware and had started an initiative to take down phishing sites. They were a bit more “mainstream” I suppose than many of the other sites. They got noticed for their work and have fallen under attack.

The above is basically a true (although stylized) narrative of the last few years of online botnet activity. Now, I CAN’T CLAIM that these attacks were all made by the same group, certainly not. BUT, I think this list shows how powerful botnets have become and the threat that they pose to the internet at the moment. Castlecops.com is the site that is the most recent target of a denial of service attack. They seem to be up at the moment, but I am really beginning to think that the internet security community has a BIG problem and a BIG fight on their hands. I think the “take down” of blue security may have given extra confidence to many in the spam/virus/spyware/phishing “community” that they have the upper hand and I ask myself if we might see security related business and communities (like castlecops) targetted one at a time until they’re DOS’ed into submission.

Indeed, blue security talked about the next stage in their fight would have been an escalation and perhaps starting a full scale “war” on the net. So, the question is… how much does our economy depend on the internet? How much power then does a botnet yield that could take out major sites for a period of time? What solutions are there?

Most efforts at taking out botnets have gone after the IRC servers that act as “command and control”. Usually, blocking those is what’s called for. However, I am beginning to wonder if another approach would be better. I’m wondering, given the fact that if you have one trojan on your pc you likely have several…. if it wouldn’t be better to design a “white hat” upgrade to distribute to a trojan, so that on the next connect to the IRC control, it updates and then displays a “YOU NEED TO REMOVE VIRUSES FROM YOUR PC” message and disables all network interfaces (routes everything to 127.0.0.1)

I know many times such “white hat” viruses backfire, but I think there needs to be serious consideration of ways to take out entire legions of botnets at one stroke, rather than cutting off one head and then the bot downloads fresh code from another server.

Related Posts

Blog Traffic Exchange Related Posts
  • Huge identity theft ring discovered by spyware research Sunbelt blog, reports that they have uncovered a MASSIVE amount of personal data, ranging from usernames to passwords to banking information and much more while investigating spyware. They found keylogger transcript software with lots of personal information. Sunbelt develops software to protect against spam and spyware and other security threats.......
  • Protecting yourself from Phishing attacks OK - well if you know what phishing is. You may already be ahead of the game. By now you've probably seen the messages. From:security@yourbank.com to:youremailaddress@isp.com subject:Security breach of your account text: It has come to our attention that there have been numerous ip addresses attempting to access your account......
  • So who is behind Windows Police Pro Virus / Rogue Security Software? As I've seen the continuing FLOOD of searches for some way to Remove Windows Police Pro, I've been starting to wonder at the who is behind this particular piece of junk software. These programs aren't written by your average ordinary virus writer, there is really too much spit and polish......
Blog Traffic Exchange Related Websites
  • Where Do I Submit My Site To? Submit My Site - A Necessary Evil   Recently I was asked,  "where are some of the places I can submit my site to."  While I can come up with an insanely exhaustive list I am going to leave out about 1200 places are so because well they aren't very......
  • A Web Hosting Business Can Make The Difference Between Achievement And Failure A world wide web hosting business needs to be capable to provide numerous innovative characteristics such as high-end hosting to leverage the very best in technological developments and ought to be able to provide diverse hosting methods. It should be possible for customers to take benefit of their own diverse......
  • Nut Web Site Instantly Assured SEO or search engine marketing techniques are relating to the art of traffic generation, on earth of internet affiliate marketing there is a renowned saying inidicating that lots of targeted traffic equals money; in all likelihood that most SEOs know this is now true. Internet ventures are frequently a failure......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site