Monday, February 22, 2010

The Kneber botnet revealed

Infiltration of Kneber reveals interesting data, but what is the threat?
Security vendor Net Witness recently tapped into the logs of a command-and-control server for a botnet it calls Kneber, which has infected at least 75,000 computers at 2,500 companies and government agencies worldwide. Here are some answers to frequently asked questions about the botnet.

What exactly is the Kneber botnet?

It's a botnet discovered Jan. 26, 2010, by Net Witness that compromised 74,000 computers via the ZeuS Trojan and gathered logon and password information from them. Net Witness announced its discovery Thursday.

Where did it get its name?

The name comes from the registrant for the original domain used to pull together various components of the botnet -- hilarykneber@yahoo.com.

How old is it?

The first activity from it was March 25, 2009.

Is it out of business now?

No. After a command-and-control server for it was traced to Germany, its URL was changed, and it's running just as it was before it was discovered. The data gleaned from the server has been turned over to law enforcement agencies, and major companies whose employees' computers were bots have been notified.

What damage can it do?

Individuals whose personal data was mined might suffer financial loss if criminals use the data to transfer funds out of their accounts.

What exactly is the ZeuS Trojan?

ZeuS, also called Zbot, is a very effective cyber crime tool that is routinely updated and made more sophisticated and stealthier. It can present a different profile in each computer it infects, making it difficult to catch using signatures.

What do cyber criminals use it for?

It's often used to gather user logons and passwords, and it injects its own fields into Web pages to seek more detailed information about the user's identity. But it can also steal whatever data is on a computer, enable remote control of compromised machines and download other malware. It also periodically uploads what it gathers to command-and-control Web servers.
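Because the Trojan is hard to catch with signatures but uploads its haul on a schedule, defenders often look for that regularity in outbound traffic instead. The sketch below is an added example, not code from Net Witness or from the original article: it flags client-to-host POST streams in a Web proxy log whose intervals are nearly constant. The log format, host names, 20-minute interval and thresholds are all constructed assumptions.

```python
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed proxy log (not real data): time, client, method, host, bytes sent.
SAMPLE_LOG = """\
2010-02-22T09:00:03 10.0.0.21 POST c2-placeholder.example 1840
2010-02-22T09:02:10 10.0.0.34 POST webmail.example.com 912
2010-02-22T09:03:45 10.0.0.34 POST webmail.example.com 388
2010-02-22T09:05:12 10.0.0.21 GET news.example.org 0
2010-02-22T09:20:01 10.0.0.21 POST c2-placeholder.example 2210
2010-02-22T09:31:00 10.0.0.34 POST webmail.example.com 15020
2010-02-22T09:40:05 10.0.0.21 POST c2-placeholder.example 1975
2010-02-22T10:00:02 10.0.0.21 POST c2-placeholder.example 2044
2010-02-22T10:15:20 10.0.0.34 POST webmail.example.com 640
2010-02-22T10:16:05 10.0.0.34 POST webmail.example.com 701
2010-02-22T10:20:04 10.0.0.21 POST c2-placeholder.example 1899
2010-02-22T10:40:03 10.0.0.21 POST c2-placeholder.example 2102
2010-02-22T11:40:00 10.0.0.34 POST webmail.example.com 530
"""

def find_beacons(log_text, min_events=5, max_jitter=0.1):
    """Return {(client, host): mean interval in seconds} for POST streams whose
    gaps are nearly constant (stdev / mean <= max_jitter). Thresholds are assumed."""
    times = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[2] != "POST":
            continue  # skip malformed lines and non-upload requests
        stamp = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
        times[(parts[1], parts[3])].append(stamp)
    flagged = {}
    for key, stamps in times.items():
        if len(stamps) < min_events:
            continue  # too few uploads to judge regularity
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mean = statistics.mean(gaps)
        # Human traffic is bursty; scheduled uploads have a low coefficient of variation.
        if mean > 0 and statistics.pstdev(gaps) / mean <= max_jitter:
            flagged[key] = round(mean)
    return flagged

if __name__ == "__main__":
    print(find_beacons(SAMPLE_LOG))
```

Regular timing alone is a lead rather than a verdict: legitimate updaters and polling clients also check in on a schedule, so flagged pairs still need review against known-good destinations.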

How dangerous is it?

It is ranked as the most dangerous type of botnet in operation by the security firm Damballa, and 1,313 ZeuS command-and-control servers have been identified by Zeus Tracker. A ZeuS botnet was once used to steal records of people looking for jobs through Monster.com.

Why has it been around for so long?

The bot-creator is constantly upgraded to be less detectable and more flexible. It is encrypted and it adopts rootkit characteristics to hide in infected machines. It is sold for about $4,000 per copy, so there are many cyber gangs using it to create botnets that they use for their individual illicit activity.

Is there any hope of stopping it?

Competition may help. A Trojan called Spy Eye does much the same thing as ZeuS and comes with a ZeuS uninstaller, so if it lands on a machine already enlisted in a ZeuS botnet, it can kick out ZeuS and claim the machine for itself. Of course, the computer is still a bot, just with a different commander.

Tuesday, February 2, 2010

10 fool-proof predictions for the Internet in 2020

1. More people will use the Internet.

Today's Internet has 1.7 billion users, according to Internet World Stats. This compares with a world population of 6.7 billion people. There's no doubt more people will have Internet access by 2020. Indeed, the National Science Foundation predicts that the Internet will have nearly 5 billion users by then. So scaling continues to be an issue for any future Internet architecture.

2. The Internet will be more geographically dispersed.

Most of the Internet's growth over the next 10 years will come from developing countries. The regions with the lowest penetration rates are Africa (6.8%), Asia (19.4%) and the Middle East (28.3%), according to Internet World Stats. In contrast, North America has a penetration rate of 74.2%. This trend means the Internet in 2020 will not only reach more remote locations around the globe but also will support more languages and non-ASCII scripts.

3. The Internet will be a network of things, not computers.

As more critical infrastructure gets hooked up to the Internet, the Internet is expected to become a network of devices rather than a network of computers. Today, the Internet has around 575 million host computers, according to the CIA World Factbook 2009. But the NSF is expecting billions of sensors on buildings and bridges to be connected to the Internet for such uses as electricity and security monitoring. By 2020, it's expected that the number of Internet-connected sensors will be orders of magnitude larger than the number of users.

4. The Internet will carry exabytes — perhaps zettabytes — of content.

Researchers have coined the term "exaflood" to refer to the rapidly increasing amount of data (particularly high-def images and video) that is being transferred over the Internet. Cisco estimates that global Internet traffic will grow to 44 exabytes per month by 2012 — more than double what it is today. Increasingly, content providers such as Google are creating this content rather than Tier 1 ISPs. This shift is driving interest in re-architecting the Internet to be a content-centric network, rather than a transport network.

5. The Internet will be wireless.

The number of mobile broadband subscribers is exploding, hitting 257 million in the second quarter of 2009, according to Informa. This represents an 85% increase year-over-year for 3G, WiMAX and other higher-speed data networking technologies. Currently, Asia has the most wireless broadband subscribers, but the growth is strongest in Latin America. By 2014, Informa predicts that 2.5 billion people worldwide will subscribe to mobile broadband.

6. More services will be in the cloud.

Experts agree that more computing services will be available in the cloud. A recent study from Telecom Trends International estimates that cloud computing will generate more than $45.5 billion in revenue by 2015. That's why the National Science Foundation is encouraging researchers to come up with better ways to map users and applications to a cloud computing infrastructure. They're also encouraging researchers to think about latency and other performance metrics for cloud-based services.

7. The Internet will be greener.

Internet operations consume too much energy today, and experts agree that a future Internet architecture needs to be more energy efficient. The amount of energy consumed by the Internet doubled between 2000 and 2006, according to Lawrence Berkeley National Laboratory. But the Internet's so-called Energy Intensity is growing at a slower rate than data traffic volumes as networking technologies become more energy efficient. The trend towards greening the Internet will accelerate as energy prices rise, according to experts pushing energy-aware Internet routing.

8. Network management will be more automated.

Besides weak security, the biggest weakness in today's Internet is the lack of built-in network management techniques. That's why the National Science Foundation is seeking ambitious research into new network management tools. Among the ideas under consideration are automated ways to reboot systems, self-diagnosing protocols, finer-grained data collection and better event tracking. All of these tools will provide better information about the health and status of networks.

9. The Internet won't rely on always-on connectivity.

With more users in remote locations and more users depending on wireless communications, the Internet's underlying architecture can no longer presume that users have always-on connections. Instead, researchers are looking into communications techniques that can tolerate delays or can forward communications from one user to another in an opportunistic fashion, particularly for mobile applications. There's even research going on related to an inter-planetary Internet protocol, which would bring a whole new meaning to the idea of delay-tolerant networking.

10. The Internet will attract more hackers.

In 2020, more hackers will be attacking the Internet because more critical infrastructure like the electric grid will be online. The Internet is already under siege, as criminals launch a rising number of Web-based attacks against end users visiting reputable sites. Symantec detected 1.6 million new malicious code threats in 2008 – more than double the 600,000 detected the previous year. Experts say these attacks will only get more targeted, more sophisticated and more widespread in the future.

More than anything else, computer scientists who are working on redesigning the Internet are trying to improve its security. Experts agree that security cannot be an add-on in a redesign of the Internet. Instead, the new Internet must be built from the ground up to be a secure communications platform. Specifically, researchers are exploring new ways to ensure that the Internet of 2020 has confidentiality, integrity, privacy and strong authentication.