Without wishing to be the bearer of bad news, your computer now has a one in four chance of being under the influence of a botnet. According to Google Vice President Vint Cerf, approximately 600 million computers are now connected to the Internet and around 150 million of them could be unwilling participants in a botnet – an application which can be used to deliver spam, launch denial of service attacks and read usernames and passwords.
Reporting from the World Economic Forum in Switzerland, the BBC’s Tim Weber claims that botnets could eventually overwhelm the Internet and cause it to disintegrate. While there is no hard evidence to predict that this doomsday scenario will occur, security experts are warning that new Net technologies such as VOIP are leaving machines even more vulnerable to attack. According to managed security firm Network Box, the last few months has seen an increase in the number of worm variants designed to aid botnets.
Simon Heron, Technical Director of Network Box, told us: “These worms will continue to be produced, as botnets are one of the attack vectors being used to target individuals and companies. It would seem that VoIP is an ideal target for hackers in 2007. It’s a new protocol and as it’s quite complicated, it has not been integrated well into firewalls.”
Admittedly, it’s difficult to know whether IT security firms are playing on the fear factor in order to shift more solutions, but it’s fair to say that it would be foolish to ignore these warnings about the dangers of botnets. In practical terms, the installation of an antivirus suite such as AVG Antivirus, plus a decent firewall like Outpost, is a good start. However, because of the differing guises in which a botnet can mask itself (denial of service, spamming, phishing etc.) there is currently no quick fix to guarantee that you’re botnet free. There’s been a certain amount of research into ways of tracking and tackling botnets but clearly this is something that the security software industry needs to address. A cynic might argue though that while a threat remains, users are actually being cowed into buying yet another piece of security software.