
| Subject: | [Full-disclosure] Botnets: a retrospective to 2006, and where we are headed in 2007 |
|---|---|
| Date: | Fri, 22 Dec 2006 21:59:28 -0600 (CST) |

A few months back I released a post on where I think anti-botnets technology is heading ( http://blogs.securiteam.com/index.php/archives/697 ).

Now it's time for what happened in 2006, and what we can expect from here on.

I am not a strong believer in such retrospective looks, as often, they are completely biased and based on what we have seen and what we want to see. This is why I will try and limit myself to what we know happens and is likely to get attention, as well as what we have seen tried by bad guys, which is working for them enough to take to the next level.

What changed with botnets in 2006:

1. Botnets reached a level where it is unclear today what parts of the Internet are not compromised to an extent. Count by clean rather than infected.

2. Botnets have become the most significant platform from which virtually any type of online attack and crime are launched. Botnets equal an online infrastructure for abusive or criminal activity online.

3. In the past year, botnets have become mainstream. From a non-existent field even in the professional realm up to a few years ago, where attacks were happening constantly regardless, it has turned to the main buzzword and occupation of the security industry today, directly and indirectly.

4. Websites have returned to being one of the most significant forms of infection for building botnets, which hadn't been the case since the late 90s.

5. Botnets have become the moving force behind organized crime online, with a low-risk high-profit calculation.

6. New technologies are finally being introduced, moving the botnet controllers from using just (or mainly) IRC to more advanced C&C (command and control) channels such as P2P, or multi-layered, such as DNS and IRC on the OSI model.

7. Botnets used to be a game of quantity. Today, when quantity is assured, quality is becoming a high concern for botnet controllers, both in type of bot as well as in abilities.

What's going to happen with botnets in 2007:

Botnets won't change. All will remain the same as it has been for years. Awareness, however, will increase, making the problem appear larger and larger, perhaps approaching its real scale.

The bad guys would utilize their infrastructure to get more out of the bots (quality once quantity is here) and be able to do more than just steal cash. Maximizing their revenue.

Further, more and more attackers unrelated to the botnet controllers will make use of already compromised systems and existing botnets to gain access to networks, to facilitate anything from corporate espionage and intelligence gathering, to shameless and open show of strength to those who oppose them (think Blue Security), in the real world as well as the cyber one (which to the mob is one and the same, it's the income that speaks).

Meaning, the existing botnets infrastructure will be utilized both in an open fashion, due to the fact online miscreants (real-world mob) face virtually no risk, as well as quiet and secretive uses for third-party intelligence operations.

Gadi Evron.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/