About Me

Allysa Myers

Allysa Myers

Read More

Feeds & Podcasts

Blogs

Meet the Bloggers

Archive

Tags

#SecChat $1 million guarantee 12 Scams of Christmas access to live fraud resolution agents Acquisition Alex Thurber Android antivirus Apple botnet Channel Partners cloud security Compliance Consumer counter identity theft credit card fraud and protection credit fraud alerts credit monitoring credit monitoring and resolution critical infrastructure Cyber Security Mom cyberbullying Cybercrime cybermom data breach data center data center security Data Protection Dave DeWalt DLP Email & Web Security embedded encryption Endpoint Protection enterprise facebook fake anti-virus software Family Safety Friday Security Highlights global threat intelligence google government Hacktivism how to talk to kids how to talk to teens identity fraud identity fraud scams identity protection identity protection $1 million guarantee identity protection fraud identity protection surveillance identity surveillance identity theft identity theft expert identity theft fraud identity theft protection identity theft protection product Identity thieves and cybercriminals intel iphone kids online behavior lost wallet protection malware McAfee McAfee Channel McAfee Family Protection McAfee Identity Protection McAfee Initiative to Fight Cybercrime McAfee Labs McAfee security products Mid-Market Mobile mobile malware mobile security monitor credit and personal information Network Security online personal data protection online safety Operation Aurora PCI personal identity theft fraud personal information loss personal information protection phishing privacy proactive identity protection proactive identity surveillance Public Sector restore credit and personal identity Risk and Compliance scam scams scareware security smartphones social media social networking social networks spam Stuxnet twitter vulnerability Web 2.0 work with victim restore identity

McAfee Labs :

The Frustration of Bot Fighters

Monday, January 29, 2007 at 6:15pm by Allysa Myers
Allysa Myers

This last week I was among those at the “secretive conference” of security folks, ISPs and law-enforcement agents to discuss bots. Much like at last year’s VB conference, there was much discussion about the need for more cooperation and information-sharing between bot-fighters. Not just within the three groups but within each of the individual disciplines. People within all of the three groups were clear that none of us have all the pieces of the puzzle, and that in order for us to truly make a dent in the growth of bots and botnets, we need to share more of our information with each other.

There has been much made of turf wars within the bot herder community, but the more notable thing in terms of fighting these bots is actually how much they’re cooperating. We know they’ve been pooling resources to code their bots, but apparently they’re also sharing botnet resources quite widely (for instance, to take down a particularly robust website that they wish to attack).

There was a significant sense of frustration from all concerned about the lack of resources for the Good Guys, versus the rewards for the bot herders. Often an iron-clad case will be given to the relevant authorities, only to have the case go nowhere because the bot herders are minors and/or from a non-cooperative country.

The good news in all this is that, while things may look dim at times, events like these can and do create a lot of good connections in important places. It’s about getting the right information to the right people to not only take down isolated pieces of the puzzle, but larger and more significant chunks of the gangs behind this crimeware.

Bookmark and Share

Submit your own comments / message for this post

Your email is never published nor shared. Required fields are marked *

 

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Comments (2)

  • Allysa Myers February 7, 2007 4:47PM

    Hi Iva!
    There’s an entry in our glossary about bots, which pretty well sums this up:
    http://www.mcafee.com/us/threat_center/glossary.html#b

    This term refers to a program that automatically searches for and retries information or generates generic traffic over the network. While bots are not always malicious, the most common are IRC Bots that can install other malware or PUPs, distribute compromised machine lists, and organize zombies for DDoS attacks.
    __

    We’re talking specifically about malicious bots in this context.

    Reply
  • Iva Joyce February 2, 2007 1:15PM

    What is a bot? And how does it work, or what does it do, etc.?

    Reply