Antivirus Protection & Internet Security Software
28 Sep 2011Virus News
Vitaly Kamluk, Chief Malware Expert, Global Research and Analysis Team, Kaspersky Lab:
“Hundreds of thousands of machines are joining botnets every month. Most of these botnets are used to propagate spam or distribute malware that can be used in cyber espionage. Some of them are used in DDoS attacks or as proxies to commit other cybercrimes.
Botnets are a major threat to both the average user and corporations; however, the countermeasures we take are about as much use as measures a tiny mouse might take in protecting itself against a tiger: immensely inadequate. One could think that laws should be able to help us. Indeed, there is a law that prohibits unauthorized access to remote systems, i.e., third parties cannot use the resources of the other’s machine. However, cybercriminals successfully bypass this law. They utilize and exploit systems in any way they want – to commit crime, earn money, etc. At the same time we researchers come up against the same law – but in our case it prevents us from fighting botnets.
As an example of what could be done but cannot even be contemplated, there are over 53 000 command and control (C&C) centers on the Internet (source: www.umbradata.com). In many cases we know where the C&C centers of these botnets are, so in theory we could contact the owner’s Internet Service Provider and ask it to take it down or to pass control of the center to us. This would be the right decision if we didn’t want to leave all those thousands of infected machines online - continuing to attack other machines. We could issue a command for a bot to self-destroy itself from within the botnet infrastructure (starting from the command center) and then take it down. But unfortunately this represents unauthorized access, and we are not allowed to issue such a command.
Clearly we need changes to improve the situation. And first of all we need the law enforcement agencies of all nations to consider doing a few things:
For more information about taking down botnets, please watch the online press conference video which takes an in-depth look at the subject.
© 1997 – 2016 Kaspersky Lab
All Rights Reserved. Industry-leading Antivirus Software