Bot Nets on the Rise
Several sources this week have reported the large uptick in bot nets over the last month. I have seen estimates that say that the number of bot nets are up by almost 400%. I’ve also seen estimates that say that as many as 1 out of 5 US PC’s are compromised. From my analysis this seems high. It has certainly nearly doubled but given the nature of detection and the nature of bot nets in general. The bot net controllers or “herders” as they are called, avoid detection by having these programs lie dormant for a time and then call them to life and then shut them down again. So it’s hard to know if they are new infections or just commanding new machines to come online.
There’s an interesting argument that says that home computer users should received some sort of training and pass a test before being allowed on the Internet. Why? Because most of the bot net infections that cause the world-wide spam plague and much of the denial of service attacks are traced back to compromised home user computers. In aggregate, compromised home computers are costing businesses millions if not billions of dollars a year. A lack of understanding the risks and threats is in large measure part of the problem. I heard one person say it’s like allowing every 12 year old to drive a car on the freeway with no experience. We as a society don’t allow this. The inevitable havoc it would create is recognized and addressed. It is prevented by knowing and obeying the rules of the road. The same can be said of the Internet.
Some better ISP’s are becoming proactive by shutting down compromised computers. However paying customers insist on having their connections restored and the ISP has no assurance the problem has been solved.
I also think one way ISP’s can help is to create a “prepaid risk” account for each customer, essentially having the customer fund an insurance-like account that is used to indemnify ISP’s for the extra work they must do on certain accounts where people refuse to deal with bot issues. Users would receive rebates on their bills for having clean systems, those who don’t, continue to pay more and not receive the rebates. They only way this would work if it was universal since broadband access is now a commodity in many areas of the country. A market-based system of incentives and disincentives may help.
The key to bot net protection is a multi-layered approach. Education about the threat, a properly configured firewall and an a good anti-virus that scans for Trojans, keyloggers and root-kits is the best protection today. These things are “musts” when it comes to basic protection against bots.
Contact us at 814-620-2006 if you have questions or concerns about your computer’s security.