LONDON - Detective Chief Superintendent Mick Deats, head of the British National Hi-Tech Crime Unit, has an impossible task: defending Britain against attacks from 11 million PCs around the world.
The problem with "botnets" (as groups of these machines are known) is becoming serious.
"One indication of the increase in organised crime groups' use of botnets is that 25 per cent of our work revolves around this area of criminality, and that looks likely to increase," Deats says.
His unit is charged with combating computer-based serious and organised crime.
Here is an example.
Several British gambling firms were targeted by Russian criminals using botnets to bombard websites with millions of messages (packets of data) in an attempt to put them off the air.
A spokesman for William Hill has confirmed that early this year the bookmaker suffered a denial-of-service attack coupled with an extortion demand for US$50,000. During the attack, William Hill's online gaming trade dipped by 30 per cent.
Following the money trail from companies who paid up, the unit helped to dismantle a determined group of organised criminals. In July, a joint operation with its Russian counterparts saw the arrests of three men suspected of running a global protection racket netting hundreds of thousands of dollars from online gambling sites.
So how do botnets work? A bot is a hidden remote-control program loaded on to your computer without your consent, and increasingly used for villainous purposes.
Under the control of a "botherd", the botnet can be anything from a few hundred to tens of thousands of machines. Large botnets pack a mighty electronic punch when the combined bandwidth attacks a website, denying access to legitimate users.
Botnets send out spam, carry out identity theft, mount "phishing" scams (getting people to divulge personal information and data) or disseminate new malware (malicious software, designed to damage or disrupt a system).
"Botnets are attractive to high-tech criminals because they can be reconfigured to commit different crimes and reprogrammed in response to new security developments, and particularly because criminals can use them to commit offences on a massive scale," Deats says.
It all began, innocently enough, in internet relay chat (IRC) channels, where the first bots were created as robotic helpers. Eventually, somebody demonstrated that large groups of compromised PCs could be controlled from an IRC channel, and the botnet was born.
"We know, for example, that botnets are also increasingly being hired out to third parties, making them a valuable commodity in themselves," Deats says.
A botherd may control different types of bot. They swap information, services or favours, and read underground hacker publications on how to make money from their botnets.
The unit is now afraid that serious organised crime will pay hackers to write more powerful bots. Worryingly, it has noted denial-of-service extortion attacks on other kinds of firms as the online gaming industry strengthens its defences and refuses to pay up.
The unit also strongly advises home PC users to install the latest software patches and anti-virus software and a firewall.
AOL does more than most internet service providers to curb the botnet menace but a spokesman claims that other ISPs face problems: "Most ISPs could, at peak, be experiencing hundreds of compromised accounts each day; probably more among those ISPs that don't have a strong security focus."
It's easy to ignore nagging messages from Microsoft Windows about updates. Worse still, you might have a totally unprotected PC. The result? The IT firm Mi2g says there's now a malware epidemic, with as many as 11 million computers around the world being permanently infected "zombies" - that's another name for bots.
The head of threat analysis at Symantec, Nigel Beighton, knows all about user laziness. The company reckons that 30,000 new machines are recruited as bots every day, although its Norton software products will repel viruses, worms and malware.
Beighton says: "It's now quite common for us to see that denial-of-service attacks are sophisticated and can be controlling 30,000 bots at a time."
- INDEPENDENT
Botnets: hidden menace makes PCs an instrument of extortion