The Botnets are coming
Botnets are the primary security threat on the Internet today. An RSA study released in April 2010 claims that most major U.S. corporations, including up to 88% of Fortune 500 companies, may be affected by botnet activity from computers compromised by the Zeus Trojan.
How are Botnets created?
A Botnet is an army of compromised machines, also known as "zombies," that are under the command and control of a single "botmaster." Botnets make lots and lots of money, with very little risk of discovery or prosecution. These attacks come from very well-funded, highly structured entities that operate much like corporations.
There’s also been a marked increase in “crimeware,” or software used to conduct cybercrime. These tools, including botnets, keystroke loggers, spyware, backdoors, and Trojans, fuel the black market. User-friendly toolkits such as Zeus enable even novice hackers to create malware and botnets.
What is the impact of Botnets?
Botnet-led exploits can take many forms, such as Distributed Denial of Service (DDoS) attacks, spyware and malware, identity theft, and phishing.
Botnet Detection and Mitigation
Botnets use multiple attack vectors; no single technology can provide protection against them. For instance, the goal of a DDoS attack is to cripple a server. The goal of a phishing attack is to lure users to a spoofed Website and get them to reveal personal data. The goal of malware can range from collecting personal data on an infected PC to showing ads on it or sending spam from it. A defense-in-depth approach is essential to detect and mitigate the effects of botnets.
In the case of the Mariposa botnet, Symantec believes the network of infected computers stemmed in large part from the Butterfly toolkit. Here's a brief rundown of what the threat does: it spreads through file-sharing programs, Microsoft instant messaging clients, and removable drives. It opens a back door on the compromised computer, essentially giving a remote attacker full control over it. The Kneber botnet, a variant of the Zeus Trojan, has infested 75,000 systems in 2,500 corporate and governmental organizations worldwide.