November 14, 2007:
The most powerful Internet weapons on the planet are botnets. And many of them are
getting into uniform. Never heard of botnets? Your PC, at home or at work, may
be part of one. In wartime, many of these botnets would be turned into weapons.
A botnet can be used to shut down essential military networks, or infect
military computers with destructive (to the computer) software. This isn't
science fiction. It is real.
Botnets are large numbers of
infected PCs, known as zombies, under the control of botherders (the people who
run these networks of zombies). Zombies are created by hackers, who
write computer viruses that get into your computer from an infected website or
a booby-trapped file attached to spam email. There are believed to be tens of
millions of zombies out there, and thousands of botnets.
Many of you may have noticed a
lot of spam this year directing you to look at an online greeting card, or
accompanied by PDF or image files. That was a botherder looking to add your PC
to his botnet. When you try to look at the file, a program secretly takes over
your computer. These botnets are built to remain hidden from you. All the
botherder wants to do is use your Internet connection to send spam, or other
types of malicious data.
The largest known botnet is Storm, which has about a
quarter million zombies. Smaller ones, like Rbot and Bobax, have about a tenth
as many zombies. These are more common botherd sizes these days, because
commercial and military computer security organizations are putting a lot more
effort into tracking and attacking these beasts. It's safer to maintain many
small botnets, rather than a few very large ones.
Since most of the botnets are
run by criminals keen on making money (by fraud or theft), the botherders have
responded to the increased attacks by making their zombies stealthier. That
works, up to a point, so the botherders are also using fewer large botherds,
and more smaller ones. That means more work, but it beats losing a 100,000-PC
botnet that cost you $30,000 to create. It's expensive enough to maintain a
botnet, as the rate of PCs getting cleaned up (zombie software removed) is
going up. Each cleaned up PC means you have to infect another to maintain the
size of your botnet. The botherders try to come up with ways to make it cheaper
to infect PCs, but that gets more difficult as well. Most botnets are run by
criminals interested in making money. Thus they have to watch their expenses.
Military users of botnets are
very quiet about their work, because turning a PC into a zombie, without the
permission of the user, is a crime. There has been some quiet talk, in
democracies, of passing laws allowing the military to infect lots of computers,
and form botherds, in the event of a national emergency. Police states, like
China, don't worry so much about laws. Intelligence agencies are developing
contacts in the Internet criminal underground, to make arrangements for renting
existing botnets in wartime.
It's a new world.