Maybe we are not hanging out at the right cocktail parties, but it continues to surprise us that more people are not talking about the impact of bots on the day-to-day world.
How many of us read yesterday’s article from the WSJ on a hacking attack? The technical translation of the WSJ article is well described in this article on Darkreading.com. The point of this post is that perhaps the gravity of the concern is lost on the general public because we generally call these attacks “hacks”, and perhaps we need to start educating the general public on the nuances and underlying machinations that create the environment for these “hacks” to occur. Would people grasp the severity of this then?
I am not interested in over-hyping this issue, nor do we want anyone to panic. Thankfully there are a number of companies investing a considerable amount of their own money fighting bots every day (a decent definition of bots from Cisco here, albeit with some marketing spin). But I think that since there are so many variations and complexities involved, it is tough to boil this down into a 15-second sound bite.
There are different types of botnets, but let’s talk about two. Spam botnets are simply networks of bots (computers) that are called upon to deliver spam. A September 2009 MessageLabs Intelligence report estimated that there are over 172 BILLION spam messages sent every day, with 151 BILLION of these messages sent via bots. I am sure those numbers have increased since then.
The second type of botnet is the more alarming, and is the topic of the above-mentioned articles. These botnets give malware the means to attack enterprises in one of two forms: “smash and grab”, wherein the attackers hack in, get as much info as they can and then leave, and “stay and listen”, where the botnet delivers malware that sits on the computer listening, collecting and distributing important information for as long as it can stay. The Zeus botnet is one of the worst facilitators for distributing this type of malware and is the basis of the attacks that the WSJ and DarkReading articles discuss. For comparison purposes, the articles mentioned here are more about “smash and grab”, while a good “stay and listen” example is the attacks on Google a few months ago.
In addition to working with companies on fighting these security threats, one of our collective challenges is to figure out how to reduce the complexity of the issue without losing the depth of its implications. This set of threats around botnets and the associated attacks will continue until we can shine more educated light (and therefore more awareness) on the issues.