Botnets increasingly threaten computers and networks, warns Georgia Tech

More than 100 million computers are currently infected with botnets, according to figures compiled by M.A.D. Partners and cited in the Emerging Cyber Threats Report 2011.

Botnets are malware that infect computers and run automatically to compromise large numbers of machines for malicious activity, such as sending spam, selling login credentials, or infecting other machines, the report explained.

A current trend is to release a large-scale botnet attack to hide more targeted malware attacks against a specific organization or government. This strategy makes it more difficult for the targeted organization to trace the attack.

“One of the things we are seeing is the growing sophistication of malware that is used to gain control of machines and put them together to create a botnet, as well as the growing sophistication of the command and control structure…. The way they evolve and their growing sophistication is one of the things we need to worry about”, said GTISC Director Mustaque Ahamad.

Ahamad told Infosecurity that botnets and other types of malware could not only damage computers and networks, but could also destroy physical systems and infrastructure. One area of particular concern is the healthcare system.

“We are seeing hospital systems being infected with controlled machines like MRIs. Cyber criminals have been going after data and resources; there is no reason to believe that they won’t go after other things that can be monetized, such as medical data. We are talking about building a health grid that can exchange medical information. As we build this health grid, we need to build security into it from the start”, he cautioned.

Hacker attacks launched against healthcare providers jumped from 6587 attacks per provider in the first nine months of 2009, to 13 379 attacks in the last three months of 2009, according to data compiled by SecureWorks and cited in the report.

In addition, the growing use of USB devices by the healthcare industry poses an increasing information security risk. “We have seen systems in hospitals that were patched, but then quickly re-infected through the insertion of USBs containing malware”, observed GTISC researcher David Dagon in the report. He compared the situation to cleaning the operating room but not the scalpels.

The proliferation of wireless devices and social networking has also increased the information security dangers, the report noted. The downloading of apps to smartphones creates a significant opportunity for hackers.

“Apps are the biggest threat to anyone. App stores are the greatest hostile software delivery system ever invented by man”, said Robert Smith, chief technology officer and co-founder of M.A.D. Partners. Smith contributed to the GTISC report.

“Take for example – Apple. There are a quarter of a million apps out there today. Nobody knows what the apps really do. Apple certainly doesn’t. There is no code review process. All they do for approval is just check if the app does what people say it does”, commented Smith in an interview with Infosecurity.

Smith cited the example of an iPhone app that claimed to enable the user to employ the smartphone as a flashlight. The flashlight app cost 99 cents and became the number two iPhone application over a two-day period. It turned out that the app allowed tethering, enabling the iPhone to hook into the computer and surf the internet, an app that is very expensive to buy. Apple pulled the app once it realized what it really did.

“This is one out of a quarter of a million that did something in addition to what it was supposed to do…. How many apps out there right now are stealing your contact database, stealing your email accounts, your phone number, every little piece of information about you and sending it to the web for some spammer or criminal to use? At the end of the day, it’s all about whom you trust…. People are completely uneducated about the real state of mobile”, he said.
