Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

Computer Users Claiming They’d Do Anything to Stop Cybercrime Seen as Accomplices in Botnet Attacks.

By ThreatMetrix

Ready for some Q and A?

Q: What’s the first thing cybercriminals need to create a botnet — besides malware and no conscience?

A: Computers.

Q: And from whom do cybercriminals hijack computers?

A: Computer users who’d be amazed that they were accomplices, albeit unwitting accomplices, to cybercrimes. These users would also be very surprised to learn that, according to Richard Boscovich, assistant general counsel for Microsoft’s Digital Crimes Unit, “Botnets have become the backbone of how criminals leverage the internet to make profits.”

Microsoft senior manager TJ Campana observes, “Criminals need very little overhead using other peoples’ machines. The trend currently is seeing the bad guys pulling more people into these botnets, tricking people to download malicious software.

“Probably 10 years ago, malware was pretty noisy. Now the goal as an attacker is to have a really small footprint on your computer where (the consumer is unaware of the cybercriminal’s presence).”

While Microsoft has been working to take down botnets, an article by Darren Pauli said, “Microsoft has no way of knowing if its botnet takedowns will disrupt police investigations.

“(Recently, Microsoft) copped flak from security professionals after it [took down] two command and control servers used by the Zeus botnet.” Critics said the move, which was designed to disrupt rather than destroy the botnet, had actually stymied police investigations.

Microsoft, which limits the number of security people it notifies before pulling rogue servers offline, uses temporary restraining orders, which allow the botnet infrastructure to be seized without notifying bot masters.

Boscovich points out Microsoft’s way of going about fighting botnets is faster than pursuing criminal action and leads to “immediate disruption (mitigating the harm botnets cause).” Adds Campana, “Ripping away infrastructure is a great way to get to criminals.”

Though the philosophies of Microsoft and law enforcement differ as to how to fight botnets, they have a shared goal — kill botnets.
