The use of Communication Technology for Legal Communication: BOTNETS

Michael Schwanzer / October 2007 / CO3714 / University of Central Lancashire

What are botnets?

 

  • How are they distributed?
    • Worms, Trojan horses, SPAM, Windows Exploits
  • Who developed them?
    • Internet underground: Script Kiddies, Organized Criminals
  • What are they used for?
    • SPAM, DDoS, Blackmailing, Phishing, Keylogging, pump and dump stock scams, etc

Puri, R. (2003) SANS: Bots &; Botnet: An Overview

Legal Aspects

 

  • Cyber Crime with botnets
  • Difficult international legal situation
  • USA: "Computer Fraud and Abuse Act", "Consumer Protection Act" and "Computer Spyware Act"
  • Microsoft
    • Unhappy because of disparity in legal situation
    • Got sued by users because of Genuine Patch witch is per definition a bot
  • Kaspersky (Security Software)
    • Wants to have a international internet Interpol
  • Russia
    • Investigation starts only on victims request (only 2%)

Interesting Facts

 

  • Famous botnet: STORM BOTNET
    • Largest botnet: 50 million nodes estimated
    • 8% of all MS Windows OS infected
    • more powerful than all supercomputers together
    • could take down the internet country wide
    • billion SPAM Mails each day
    • unsecured Windows PC gets infected by STORM
      • 50 % likely within 9 minutes
      • 90 % likely within 40 minutes

 

  • Symantec Internet Security Threat Report 2004

1. United Kingdom (25.2 per cent)

2. United States (24.6 per cent)

3. China (7.8 per cent)

 

Conclusion

Only users can prevent botnets from destroying the internet by securing their personal computers. Until there is no Internet Interpol, police has no efficient ways to fight international botnets!

In some cases companies do not request investigations because that would damage their reputation!

Do not click everything! Get Security Software! Update it at least weekly!

 

References

 

 

 

O'Brien, L. (2007) Wired Magazine, Stiffer Cyber Laws to Crack Down on Botnets, Spyware

http://www.wired.com/politics/law/news/2007/06/bot_law

 

 

 

Hines, M. (2007) InfoWorld, Global co-op feeds FBI's botnet fight

http://www.central-it.de/html/news/internationale_news/6382832/index1.html

 

 

 

Dvorsky, G. (2007) IEET, Storm Botnet storms the Net

http://ieet.org/index.php/IEET/more/dvorsky20070927/

 

 

 

Michailov, D. (2007) Should ISPs be Responsible for Botnets?

http://www.cybercrimelaw.org/2007/08/01/should-isps-be-responsible-for-botnets/

 

 

 

Spiess, K. (2007) NeoSeeker, Worm 'Storm' gathers strength

http://www.neoseeker.com/news/story/7103/

 

 

 

Berinato, S. (2006) Wired Magazine, Attack of the Bots

http://www.wired.com/wired/archive/14.11/botnet.html

 

 

 

Espiner, T. (2006) ZDNet, Crime surge sparks calls for internet Interpol

http://news.zdnet.co.uk/security/0,1000000189,39285121,00.htm?r=11

 

 

 

Keizer, G. (02005) techweb, Dutch Botnet Suspects Ran 1.5 Million Machines

http://www.techweb.com/wire/security/172303160

 

 

 

Leyden, J. (2005) The Register, ISPs urged to throttle spam zombies

http://www.theregister.co.uk/2005/05/24/operation_spam_zombie/

 

 

 

Leyden, J. (2005) The Register, Britain tops zombie PC charts

http://www.theregister.co.uk/2005/03/21/botnet_charts/

 

 

 

Leyden, J. (2005) The Register, US tops junk mail list of shame - again

http://www.theregister.co.uk/2005/04/07/spam_shame_chart/

 

 

 

Laborge, P. (2005) Spam zombie, meet the Microsoft legal team

http://www.securityfocus.com/brief/29

 

 

 

Puri, R. (2003) SANS: Bots &; Botnet: An Overview

https://www2.sans.org/reading_room/whitepapers/malicious/1299.php

 

 

 

Thomas, R. (2003) "They're just a bunch of script kiddies" - Life, Love, and War in the Underground

http://www.cert.pl/PDF/secure2003/thomas1.pdf