Ready for some Q and A?
Q: What’s the first thing cybercriminals need to create a botnet — besides malware and no conscience?
Q: And from whom do cybercriminals hijack computers?
A: Computer users who’d be amazed that they were accomplices, albeit unwitting ones, to cybercrimes. These users would also be very surprised to learn that, according to Richard Boscovich, assistant general counsel for Microsoft’s Digital Crimes Unit, “Botnets have become the backbone of how criminals leverage the internet to make profits.”
Microsoft senior manager TJ Campana observes, “Criminals need very little overhead using other people’s machines. The trend currently is seeing the bad guys pulling more people into these botnets, tricking people to download malicious software.
“Probably 10 years ago, malware was pretty noisy. Now the goal as an attacker is to have a really small footprint on your computer where (the consumer is unaware of the cybercriminal’s presence).”
While Microsoft has been working to take down botnets, an article by Darren Pauli in scmagazine.com.au said, “Microsoft has no way of knowing if its botnet takedowns will disrupt police investigations.
“(Recently, Microsoft) copped flak from security professionals after it [took down] two command and control servers used by the Zeus botnet.” Critics said the move, which was designed to disrupt rather than destroy the botnet, had actually stymied police investigations.
Microsoft, which limits the number of security people it notifies before pulling rogue servers offline, uses temporary restraining orders, which allow the botnet infrastructure to be seized without notifying bot masters.
Boscovich points out Microsoft’s way of going about fighting botnets is faster than pursuing criminal action and leads to “immediate disruption (mitigating the harm botnets cause).” Adds Campana, “Ripping away infrastructure is a great way to get to criminals.”
Though the philosophies of Microsoft and law enforcement differ as to how to fight botnets, they have a shared goal — kill botnets.