Botnets: 4 Reasons It's Getting Harder to Find and Fight Them

Researchers say vulnerable Web 2.0 applications and peer-to-peer architecture are making it easy for hackers to maintain armies of hijacked computers

As a result, malware pushers have a relatively easy time using these applications for foul play, including botnet building.

4. Social networking has widened the attack surface
Then there's the growing use of social networking programs like Facebook, Twitter and Myspace, which are easy for the non-tech savvy to use and also hard for enterprise IT shops to monitor.

At the ShmooCon security conference in Washington D.C. in February, for example, researchers Nathan Hamiel and Shawn Moyer guided attendees through attacks made easy because of the very nature of these sites, where users can upload and exchange pictures, text, music and other content with little effort.

Among the attacks targeting these programs, hackers use social networking tricks to dupe users into opening links that in turn drop malware onto the computer, effectively turning it into another zombie machine in a monster botnet.

User education still a key defense
Gunter Ollmann, vice president of research at Atlanta-based security vendor Damballa, Inc., said enterprise IT shops would do well to ramp up efforts to detect the lesser known malware being used to such devastating effect these days. In the last 2 years, he said, IT shops have deployed a broad range of detection and prevention technologies. Each layer of defense has gotten better at fending off certain attacks.

"The more common the threat, the better the protection," he said. "But the bad guys are very much aware of how these defenses work, so they're using more sophisticated, targeted social engineering attacks. Looking at the malware used, a high percentage is IDS and AV proxy aware."

Ollmann and others offer the same advice: Since attackers are so successful at using social engineering tricks -- luring users with fake headlines that play on current events and duping them into clicking on malicious links -- one of the best defenses remains user education.

Show the average user what they're up against every time they go online and they are less likely to be duped into downloading the bot-building code, experts say.

Tags botnetssocial networkingsocial engineering

Show Comments