Botnets

May 5, 2008

I was reading an article on Slashdot about botnets the other day, specifically on the Storm botnet. For those of you who don’t know, a botnet is:

a jargon term for a collection of software robots, or bots, which run autonomously and automatically. They run on groups of zombie computers controlled remotely.

I was surprised to discover that this incredible phenomenon has been around for quite a while, and from what I understand, isn’t likely to go away anytime soon. That led me to read up even more about the issue, so I downloaded an e-book on the topic: Botnets, the Killer Web App.

The book is very interesting, yet apparently doesn’t target those new to network security issues from a technical perspective. I tried to stay in tune with all the technical security jargon used in the book, but there were just one too many googles for me.

Apparently the Storm botnet punishes all of those who attempt to dissect and/or shut it down, DDoS being its favorite method of attack. Now if we were talking about a botnet of a couple of hundred bots working together, it would be scary, yet possibly containable, but the botnet we’re talking about

The scariest thing about the topic is that the owners of the botnet are leasing parts of it to perform certain malicious and undesirable tasks for the leasers.

Modern botnets are being fielded that are organized like real armies, with divisions of zombies controlled by different bot servers

These botnets will hit a victim with the might of a virtual army that, in the case of the Storm botnet, could consist of more than 5 Million infected zombie computers.

Conclusion: We are helpless and there’s nothing to do to stop them, WE’RE DOOMED!?

Not really, the answer is somewhat in your hands:

  1. Stop opening mysterious emails from unknown (and possibly known) sources no matter how intriguing.
  2. Spread the word; people like me didn’t have the first clue things were getting this ugly so fast.