Botnets Expand More Than Double: Microsoft

According to Microsoft's SIRv9 (Security Intelligence Report volume 9), the total number of computers the company has detected that belong to a botnet increased from 3m in April-June 2009 to 6.5m during April-June 2010.

Remarking about the problem, Microsoft states that botnets pose a special problem as there's hardly any external indication of infected PCs getting compromised.

General Manager Adrienne Hall of the Microsoft Trustworthy Computing group in Europe Conference stated that botnets were the core of Internet crime systems that let criminals to carry out spamming, phishing, advance fee scams and click fraud.

According to her, it's quite evident that people managing botnets (bot-herders) strive for maintaining, sustaining as also expanding bot networks for monetary benefits. SCMagazine reported this on October 13, 2010.

Reading further into the SIRv9, one will find that in a large number of instances, cyber-criminals use specific types of malicious software with certain bot networks for the proliferation of various kinds of cyber-crime.

Incidentally, the report is based on data that has been collected from 600m systems from all over the world. In the U.K, the number of bot infections (2.7 computers per 1,000 PCs) is less than the world mean viz. 3.2. Moreover, the countries, which have the maximum number of bot infections, are Mexico (11.4 per 1,000 machines), Spain (12.4 per 1,000) and Korea (14.6 per 1,000).

Further, in terms of the expansion of botnets as also their deadly outcome, head of security Cliff Evans at Microsoft U.K stated that a botnet named Lethic sent 56.7% of spam during March-June 2010 using merely 8.3% of botnet Internet Protocol addresses that were known. According to him, Lethic's activity only indicated the extension of sophistication of cyber-criminals in building bot infrastructures. Metro reported this on October 13, 2010.

Ultimately Microsoft recommends measures for combating botnets stating that a firewall and anti-virus software should be maintained up-to-date, operating systems along with applications like Office 2010 and Windows 7 should be revised to the most recent edition, passwords should be set strong, as well as tough security policies should be implemented at enterprises. Tehradar.com reported this on October 14, 2010.

Related article: Botnet Misuses Google Analytics

» SPAMfighter News - 10/25/2010