30 November 2007

FBI: Millions of computers roped into criminal 'robot networks'

WASHINGTON (CNN) -- More than 1 million computers in the last five months have become part of robot networks, or "botnets," in which hackers take over computers without their owners' knowledge and use them in criminal campaigns, the FBI said Thursday.


FBI Director Robert Mueller says botnets are "the Swiss Army knives of cyber crime."

The bureau in June announced Operation Bot Roast to stop this emerging type of cyber attack, which the FBI estimates has resulted in $20 million in losses and theft.

More than 1 million computers were infected with botnets when the FBI launched Bot Roast, and another million have been identified since then. Industry numbers suggest there are millions more.

According to an FBI news release, New Zealand authorities in tandem with the FBI searched the home of an individual -- identified only by the cyber name, "AKILL" -- whose "elite international botnet coding group" is suspected of infecting more than 1 million computers.

Since the operation was launched, 13 search warrants have been served around the world, and eight individuals -- in Washington, Pennsylvania, Florida, California and Kentucky -- have been indicted or found guilty of crimes related to botnets. Such crimes include fraud, identity theft and denial of service attacks in which computer Web sites and other resources are made unavailable.

The schemes target more than individual computer users. The FBI in a news release said recent attacks have ensnared a major financial institution in the Midwest and the University of Pennsylvania.

FBI Director Robert Mueller noted in a speech earlier this month that there is potential to attack entire networks, send spam, infect computers and inject spyware -- not to mention more sinister crimes that threaten national security.

"Botnets are considered the Swiss Army knives of cyber crime. You name it, they can do it," Mueller said during a speech at Penn State University. "A botnet could shut down a power grid, flood an emergency call center with millions of spam messages or disable a military command post."

Here's how botnets work: A hacker known as a "botherder" takes over computers using viruses, worms or Trojan horses. A Trojan horse is software that appears to perform a harmless task while cloaking its true function.

Computer users unwittingly grant access to the botherder by clicking on an advertisement, opening an e-mail attachment or providing information to a "phishing" Web page, which is a phony site that mimics a legitimate site.

Once they have access, botherders use the computers for their criminal enterprise, making it difficult to trace.

According to a September report from Symantec Corp., China had the most infected computers at 29 percent, followed by the United States at 13 percent. However, Symantec said, 43 percent of all command-and-control servers -- which botherders use to relay commands to infected computers in their network -- were located in the United States.

Symantec reported that in the first half of 2007 it had detected more than 5 million computers that had been used to carry out at least one cyber attack a day.

The number represented a 17 percent drop since the previous reporting period, Symantec said.

The decrease is indicative of stronger computer security and law enforcement initiatives like Operation Bot Roast that are forcing botherders to abandon the technique, Symantec reported.

Protecting your computer is as easy as "putting locks on your doors and windows," according to an FBI news release. Make sure your anti-virus software is up to date, install a firewall, use complicated passwords and be careful opening e-mail attachments and advertisers' links on Web sites, the bureau advised.

No comments:

Post a Comment

if you interest for this articles, please leave comment