In Depth
Botnets: 4 Reasons It's Getting Harder to Find and Fight Them
Researchers say vulnerable Web 2.0 applications and peer-to-peer architecture are making it easy for hackers to maintain armies of hijacked computers
By Bill Brenner, Senior Editor
As a result, malware pushers have a relatively easy time using these applications for foul play, including botnet building.
4. Social networking has widened the attack surface
Then there's the growing use of social networking programs like Facebook, Twitter and Myspace, which are easy for the non-tech savvy to use and also hard for enterprise IT shops to monitor.
At the ShmooCon security conference in Washington D.C. in February, for example, researchers Nathan Hamiel and Shawn Moyer guided attendees through attacks made easy because of the very nature of these sites, where users can upload and exchange pictures, text, music and other content with little effort. [See: Slapped in the Facebook: Social Networking Dangers Exposed]
Among the attacks targeting these programs, hackers use social networking tricks to dupe users into opening links that in turn drop malware onto the computer, effectively turning it into another zombie machine in a monster botnet.
User education still a key defense
Gunter Ollmann, vice president of research at Atlanta-based security vendor Damballa, Inc., said enterprise IT shops would do well to ramp up efforts to detect the lesser known malware being used to such devastating effect these days. In the last 2 years, he said, IT shops have deployed a broad range of detection and prevention technologies. Each layer of defense has gotten better at fending off certain attacks.
"The more common the threat, the better the protection," he said. "But the bad guys are very much aware of how these defenses work, so they're using more sophisticated, targeted social engineering attacks. Looking at the malware used, a high percentage is IDS and AV proxy aware."
Ollmann and others offer the same advice: Since attackers are so successful at using social engineering tricks -- luring users with fake headlines that play on current events and duping them into clicking on malicious links -- one of the best defenses remains user education.
Show the average user what they're up against every time they go online and they are less likely to be duped into downloading the bot-building code, experts say.
Other stories by Bill Brenner
botnets
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
