Botnets Target Campus Computer Networks

ShadowServer has asked IT officials at colleges/universities campuses that they should avoid using students social security numbers as identification because nearly 5,900 botnets have pilfered critical information from computer networks in several sectors such as higher education. ShadowServer actually involves in monitoring the botnet activities in the education, governments and private sectors.

Peyton Engel, Technical Architect, CDW-G (a company that provides technological solutions for education, government and business) states that colleges and universities use the method of assigning students' social security numbers as their identification. However, this method seems non-conducive in the present circumstance when botnet and virus activities become quite common and therefore, campuses IT staff should assign random algorithm numbers to students, as reported by ecampusnews on March 3, 2010.

Engel further adds that this method is not an ideal solution to beat botnet attacks but it could help in mitigating attacks. When hackers do not find social security numbers correspond to students ID numbers, then the damage could be reduced.

Engel also highlights the issue that IT officials at campuses have been facing a lot of problem to deactivate or eliminate botnet attacks. They often fail to stop botnets from gathering critical information such as keystrokes, passwords and screen shots transmitted to spammers.

A new trend has been observed about botnets that they become stealthier and sophisticated, said Engel. If a computer user knew that his machine had botnet, then he must have been familiar the way his machine had infected other machines.

It is noticeable that botnet attacks are not confined to colleges and universities, but other important sectors like top companies and government agencies have been in the top list of their attacks. For instance - NetWitness Corp, an Internet security firm, found a botnet of 74,000 corrupt computers in February 2010. The botnet stole the information from over 2,400 government and business computers.

As per the company's investigation, the botnet had been successful in compromising computers of both commercial and government along with stealing of 68,000 corporate login details. It had gained access to e-mail system, Facebook, Yahoo, online banking accounts, Hotmail and other social network credentials. The botnet also accessed over 2,000 digital security certificates and cache of personal information.

Related article: Botnet Misuses Google Analytics

» SPAMfighter News - 3/11/2010