Sunday, September 26, 2010

DDOS Botnets in Action

The Shadowserver Foundation is an all volunteer group of security researchers that monitor and report on online malicious activity. They occasionally blog about some of there more interesting findings. A found a recent post about DDOS botnets particularly interesting.

One of the uses of botnets that I find particularly interesting are Distributed Denial of Service(DDoS) attacks. I spend a fair amount of time tracking the various botnet related attacks that Shadowserver sees, especially when the list of victims is of fairly high profile. I've been watching a DDoS group that has been attacking a wide variety of victims in several different countries. This groups uses the BlackEnergy botnet to carry out its attacks.

The rest of the post can be found here.

1 comment:

Garrett said...

This video does a great job of raising the question, “Who is responsible for securing data?” In this particular case, three groups come to mind: individuals, the private corporations gathering data (in this case represented by the banks that owns the ATMS), and the government.

It would be convenient to rely on corporations to go to the same trouble to protect our information as they go to in order to acquire it (i.e. adding security mechanisms to their ATMs). Convenient, but not terribly realistic: security is expensive, and companies are not obliged to spend on it, therefore no one is going to hold them accountable for failing to do so. One might argue that, in the long run, consumers will abandon companies that fail to secure their data, and assuming that individuals were both aware and concerned that their information was being gathered, that might be true. Thus far, they don’t seem to be.

It would be convenient similarly convenient for us to rely on the government to impose regulations on private corporations that would force them to protect information in cases like this (i.e. laws requiring ATMS to have anti-tampering mechanisms, holding banks accountable for information breaches at their ATMS, etc.). However, such measures will always be resisted by corporations, who have good reason to oppose the extra costs and consequences of regulation, and ultimately still leave the initiative to criminals, who have strong incentives to develop means of overcoming whatever security means are employed. This is assuming that there even convenient solutions, which in this case there are, but in many there aren’t.

So realistically, we’re on our own, which is daunting, but, as shown in this video, not impossible. As long as individuals are aware that information is anything but secure, they can (and will, if they’re smart) take precautions.

But ethically speaking, should they have to? Because if not, then corporations and the government need to be, regardless of their reasons to avoid taking responsibility.