4um: Zombie Computers Decried As Imminent National Threat

Title: Zombie Computers Decried As Imminent National Threat
Source: Wired
URL Source: http://blog.wired.com/27bstroke6/2008/04/zombie-computer.html
Published: Apr 10, 2008
Author: Ryan Singel
Post Date: 2008-04-10 11:49:34 by robin
Keywords: None
Views: 177
Comments: 11

SAN FRANCISCO -- Gangs of thousands of zombie home computers grinding out spam, committing fraud and overpowering websites are the most vexing net threat today, according to law enforcement and security professionals.

Today's botnet herders have hundreds of thousands of computers at their command and use technically sophisticated ways to hide their headquarters, making it easy for them to make millions from spam and credit card theft. They can also be used to direct floods of fake traffic at a targeted website in order to bring down a rival, extract protection money or less frequently, used to make a political point in the case of attacks on Estonia and the Church of Scientology.

Security pros and government officials are now describing the latter attacks, known as Distributed Denial of Service attacks, as serious threats to national security -- turning packet floods against public websites into the latest face of "cyberwar" hysteria.

Hence, the appearance Tuesday of a panel discussion at the RSA 2008 security conference entitled "Protecting the Homeland: Winning the Botnet Battle," which was marked by a mix of resignation, indignation and post-9/11 rhetoric.

Ronald Teixeira, the executive director of the non-profit National Cyber Security Alliance and the panel's moderator, began the discussion by describing botnets as "one of the largest threats we face on the internet today, and they can be used to attack critical infrastructure."

The Department of Homeland Security's representative Jordana Siegel, who works on public awareness at the National Cyber Security Division, echoed the line that botnets were a imminent threat to the nation's security.

Citing the attacks on Estonia last year by Russian nationalist hackers, Siegel said botnets can "disrupt an internet-reliant society," saying that the temporary takedown of Estonian newspaper and government websites "nearly crippled the country's cyber infrastructure." Earlier in the day, Homeland Security chief Michael Chertoff leaned on Estonia as evidence of the need for a federal government "Manhattan Project" for computer security.

Siegel said the DHS is working at fighting the problem, citing the annual October National Cyber Security Awareness month, which she said helped Americans learn that "all users need to practice safe online behavior."

McAfee's Joe Telafici, a vice president in their security lab, lamented the ease with which botnet herders can abuse domain registration services and the low cost of e-mail, which make the economics of online crime very attractive.

"We are seeing a model that is so economically viable that trying to tell the kids it is a bad thing to do is bound to fail," Telafici said, suggesting that botnet herders outnumber the 15,000 or so attendees at RSA. "Even if you don't have a computer, you are paying money to someone for the cost of dealing with the security ramifications."

FBI agent Matthew Fine cited two recent takedowns of U.S.-based botnets, operations dubbed Bot Roast, as an example of how the FBI is dealing with botnets. Fine declined to speculate, however, on whether the arrests actually put a dent in overall online criminality.

"I get paid to put bad guys in jail," the flat-topped Fine said, but he noted that as soon as one botnet herder was prosecuted another takes his place.

"It is a boulder coming down the hill and I am trying to keep it from getting to the bottom," Fine said.

Fine hopes Congress will step in with tougher criminal penalties for botnet runners, but noted that judges were now handing out substantial sentences of four to five years in cases brought to them by the feds.

Ira Winkler, a security consultant known for his outspoken ways, countered that this was all just caterwauling and that if the country thought that botnets were a real problem, ISPs and individual users would be held responsible for zombie machines.

"The problem is no one is doing anything," Winkler said, proposing that users be fined or blocked if their computer is infected.

"Guess what? If your system has a bot on it, you don't get on the internet," Winkler said, summarizing his proposal.

"We need to hold people responsible when they present an imminent threat to other people," Winkler said to wide applause from the audience. He contrasted the lack of computer regulation to laws preventing unsafe cars from taking the road.

Sparing no target, Winkler went on to ridicule DHS's awareness efforts as useless, and argued that the highest levels of government don't care about computer crime, citing the ability of a Russian cyber-criminal group known as the Russian Business Network to remain free.

"When they start putting the RBN in jail, then I will be impressed," Winkler said, noting that would require the feds to put pressure on the Russian government to stop protecting the gang -- not an easy task.

Still, Winkler argues, that's doable with political will.

"When the U.S. government wants to get things done, they know how to put people in jail."

So what really is the threat to the so-called Homeland from zombie computer armies?

When asked by Threat Level, the panel came to a split decision.

"Terrorism with botnets is overrated," McAfee's Telafici said. "But if you are looking at the economic burden of botnets, we could probably do without it."

Winkler suggests that botnets could be used in tactical small attacks, including, perhaps, inflicting minor power outages.

DHS's Siegel defended the use of overheated rhetoric, saying that temporarily unavailable government or financial websites would erode public confidence.

Missing from the panel discussion was any in depth talk about real solutions.

For instance, ISPs can easily learn or be told which of their customers has an infected computer, but due to the customer support costs of cutting off a zombified user -- angry phone calls, confusion -- they tend to do little.

Also not talked about are changes in internet governance that punish known domain sellers and ISPs that favored by online criminals for their lax policies.

See Also:

I believe that banking institutions are more dangerous to our liberties than standing armies. If the American people ever allow private banks to control the issue of their currency, first by inflation, then by deflation, the banks and corporations that will grow up around the banks will deprive the people of all property until their children wake-up homeless on the continent their fathers conquered. The issuing power should be taken from the banks and restored to the people, to whom it properly belongs.

Thomas Jefferson, Letter to the Secretary of the Treasury Albert Gallatin (1802)

Do you really want free internet and ultra-low long distance? Trouble is it's also low cost for telemarketers, spammers, etc. Trade-offs, trade-offs...

...Both methods yielded similar results, which support the previous findings; that is, of all modern human samples, sub-Saharan Africans again exhibit the closest phenetic similarity to various African Plio-Pleistocene hominins...
Ancient teeth and modern human origins: An expanded comparison of African Plio-Pleistocene and recent world dental samples, Journal of Human Evolution Volume 45, Issue 2, August 2003, Pages 113-144

What is IPv6? It is the adoption of a new protocol that uses more "bits" to assign internet addresses; about a 10-fold increase.

It won't stop the stupids from becoming zombies, but it should make them easier to find.

If illegal alien = "undocumented worker" then drug dealer = "unlicensed pharmacist"

There is no anonymity now unless you are using a offshore proxy that doesn't keep logs. Those that continue to use these prozies will continue to be hard to find. IPv6 will only lead to more Internet addresses being available, not any more or less anonymity.

It is BS for sure. Yes there are spam machines out there, but they can be blocked easily. The DHS will do anything to take more control of the Internet, ANYTHING. The free flow of information is not in the elites' best interests.

It's still possible to be anonymous without a proxy through certain connections.

But IPv6 will assign, kinda like a Social Security Number, to anyone using the Internet. I could be wrong about this, but that's what I see in it's implementation.