Messaging News - October 2008 - (Page 23) tremendous volume of queries it receives, Spamhaus has designed a model which will ‘future proof’ the service and ensure it’s available and reliable ongoing. That’s where we get involved. MXTools assists by providing sales and dedicated support for commercial customers.” Another common notion about botnets is that they are about spam. According to O’Reirdan, “It is about identity theft, keylogging, DDoS and The Underground Economy Why have botnets proliferated to this extent? It is because there is tremendous money to be made. “They used to barter, but now it is a whole economy where they rent the botnets for pennies a piece,” says Bjorklund. “They sell credit cards, passports, domains, etc. For example, you can buy a fully authorized credit card, with mother’s maiden name and security questions, for $25 to $30 (USD). A lot of damage can be done in a short amount of time.” miscreants. They find all sorts of ways to accomplish this goal, though these aren’t new techniques; physical world criminals have been doing this for years. So what’s different? Online crime is often easier and has a lot less inherent risk. The biggest challenges to the miscreants aren’t IDS, firewalls, 0day creation, or any other technological hurdle. The biggest challenge is where to cash the checks. Those who actively participate in the underground economy extortion attacks and as we have seen recently—out and out attacks on government infrastructure.” Even once detected it is not easy to be rid of an infection. “When we discover an infection, primarily because these are new and novel attacks never before seen, it is unclear how to clean it off,” warns Phillip Lin, director of marketing for FireEye. “Customers end up saving critical data and then re-imaging the machine. If you look at the spyware client vendors they are struggling with this, because as soon as you remove it, it re-installs itself. It looks innocent, but what happens is they go back to a Web site to download the malicious executables and re-installs a different version of itself that will bypass the anti-virus and spyware scanners.” O’Reirdan describes the underground economy in this way, “It goes from the people that write the code all the way through to the people that deploy the code, people that rent time on botnets, people who then are involved in the laundry of cash that is generated and finally the delivery of goods. The whole thing is a business. A lot of the bots come with technical support, customer service, and refunds if you do not get the value for your money. It is a parallel economy and it is turning over an enormous amount of money. Today it is all about making money.” Thomas and Martin wrote, “Extracting cash from the underground economy is the goal of many, if not most, participating have another problem—how to move the significant quantity of illegally obtained funds.” The botnet armies are required in order to maintain this underground economy. “The goal is to always have lots of systems under their control,” says Aziz. “Using the systems can sometime compromise their presence, so they like to have a lot of systems and use subsets for their nefarious activities.” Aziz explains that if a botnet is discovered by an ISP or enterprise then they move to another set. “It is amazing the amount of design consideration they have put into this infrastructure for resiliency. It is one of the most resilient criminal infrastructures out there. Every time they run one of those campaigns they are increasing messagingnews.com 23 http://www.messagingnews.com
Table of Contents Feed for the Digital Edition of Messaging News - October 2008 Messaging News - October 2008 Contents Editor’s Note Short Takes Targeting the Technology-Wise Customer The Insider Threat: The New Era of Disaster Recovery Making Collaboration Tools Pro-Knowledge Sharing Botnets Go Marching On Dissecting Email Forensics Next in Messaging News “On Message” with Ben Gross The World is Not the Center of the Universe, and Filters Don’t Stop Email Spam Making the Case Learn More Messaging News - October 2008 Messaging News - October 2008 - Messaging News - October 2008 (Page Cover1) Messaging News - October 2008 - Messaging News - October 2008 (Page Cover2) Messaging News - October 2008 - Messaging News - October 2008 (Page 3) Messaging News - October 2008 - Contents (Page 4) Messaging News - October 2008 - Contents (Page 5) Messaging News - October 2008 - Editor’s Note (Page 6) Messaging News - October 2008 - Editor’s Note (Page 7) Messaging News - October 2008 - Short Takes (Page 8) Messaging News - October 2008 - Short Takes (Page 9) Messaging News - October 2008 - Targeting the Technology-Wise Customer (Page 10) Messaging News - October 2008 - Targeting the Technology-Wise Customer (Page 11) Messaging News - October 2008 - Targeting the Technology-Wise Customer (Page 12) Messaging News - October 2008 - Targeting the Technology-Wise Customer (Page 13) Messaging News - October 2008 - Targeting the Technology-Wise Customer (Page 14) Messaging News - October 2008 - Targeting the Technology-Wise Customer (Page 15) Messaging News - October 2008 - The Insider Threat: The New Era of Disaster Recovery (Page 16) Messaging News - October 2008 - The Insider Threat: The New Era of Disaster Recovery (Page 17) Messaging News - October 2008 - The Insider Threat: The New Era of Disaster Recovery (Page 18) Messaging News - October 2008 - The Insider Threat: The New Era of Disaster Recovery (Page 19) Messaging News - October 2008 - Making Collaboration Tools Pro-Knowledge Sharing (Page 20) Messaging News - October 2008 - Making Collaboration Tools Pro-Knowledge Sharing (Page 21) Messaging News - October 2008 - Botnets Go Marching On (Page 22) Messaging News - October 2008 - Botnets Go Marching On (Page 23) Messaging News - October 2008 - Botnets Go Marching On (Page 24) Messaging News - October 2008 - Botnets Go Marching On (Page 25) Messaging News - October 2008 - Dissecting Email Forensics (Page 26) Messaging News - October 2008 - Dissecting Email Forensics (Page 27) Messaging News - October 2008 - Dissecting Email Forensics (Page 28) Messaging News - October 2008 - Dissecting Email Forensics (Page 29) Messaging News - October 2008 - Next in Messaging News (Page 30) Messaging News - October 2008 - “On Message” with Ben Gross (Page 31) Messaging News - October 2008 - “On Message” with Ben Gross (Page 32) Messaging News - October 2008 - “On Message” with Ben Gross (Page 33) Messaging News - October 2008 - “On Message” with Ben Gross (Page 34) Messaging News - October 2008 - The World is Not the Center of the Universe, and Filters Don’t Stop Email Spam (Page 35) Messaging News - October 2008 - Making the Case (Page 36) Messaging News - October 2008 - Making the Case (Page 37) Messaging News - October 2008 - Learn More (Page 38) Messaging News - October 2008 - Learn More (Page Cover3) Messaging News - October 2008 - Learn More (Page Cover4)
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.