Botnet Attacks Now With A Political Bent

Prolexic a network protection firm has released a report according to which, in the botnet evolution's latest phase, activist and political inclinations are now the key motivation for espionage, denial-of-service, and other assaults.

The company reported that approximately 50 DoS assaults were being executed daily targeting its customers. Moreover, zero-day assaults had become more sophisticated and greater in number, suggesting that state sponsorship might be involved.

Says Paul Sop, chief executive officer of Prolexic, hackers' groups are developing new techniques. Apparently, good amount of dollars is being invested in their R&D. These programs are structured and possibly enjoy state funding, the CEO contends. V3.co.uk reported this on February 10, 2010.

Sop further says that the three countries, which are prominent havens for proactive hacking abilities are USA, China and Israel. The rest do not receive the same scale of funding, he adds.

Furthermore according to Prolexic, while computer networks in general manage at safeguarding themselves against attacks sized 10Gbps, the current attacks are sized as high as 50Gbps, and attacks almost 100Gbps are getting more-and-more common. Normally network administrators are able to monitor traffic for a particular amount by using firewalls and packet inspection for spotting botnets, but these measures are being thwarted, with the attackers discovering more-and-more new methods.

To defeat computer networks' basic protection, computers launching attacks do them much slowly and use different kinds of IP addresses. Consequently, it becomes hard to distinguish attack requests from genuine requests. Moreover, the attacks can be intense that use only a few number of IP addresses till the networks are crippled and then executed again with another bunch of IP addresses.

Although Prolexic monitors many command-and-control servers that maneuver innumerable bots, experts can't easily locate the attack's source or the bot-herders behind it. Sop comments that current attacks can hardly be traced for, the anonymous bot-herders, can execute them from any place. Ifosecurity.com reported this on February 10, 2010.

Ultimately, Prolexic stated that botnets were difficult to trace as their attack methods were vast. Moreover, the non-traceability factor had resulted in too many sponsors who voluntarily invested in the development of newer attacks.

Related article: Botnet Misuses Google Analytics

» SPAMfighter News - 2/17/2010