Sunday, January 7, 2007

Of Botnets and Security

There is an article in the New York Times today called "Attack of the Zombie Computers is Growing Threat which sheds more light on the issue of botnets and bot attacks and how far more advanced they are becoming. It is frightening how advanced these networks have become, and how quickly they have adapted to changes and used email as a means to build larger and larger networks.

There have been quite a few instances of stolen data, from government agencies to universities, which has brought information security to the forefront of everyone's mind. Many people try to downplay the idea of identity theft, until it happens and they discover first hand just how difficult it is to prove you are you and that your identity was in fact stolen.

This brings to the light the fact that everyone, from consumers to SPAM protection companies to ISPs seems to have been caught off guard, or simply stopped paying attention. Course, why would you pay attention when people so willing purchase your protection software even though the protection software doesn't seem to be doing any good.

And you know, spammers have gotten even smarted than just building better bots that create better (undetected) networks. They've started to use the brand identity, what people associate with protection and security, so that it is even more difficult for the consumer to figure out which is real and which isn't.

They've got the best of both worlds: almost absolute anonymity, low risk and a large income no doubt tax free.

I wonder if it would be cheaper for corporations and all of the security software firms to hire these people to create security software that will actually protect. And what sort of offer could corporations and security software firms offer that is better than what the hackers are getting?

Would such a move cut down on operating costs and turn the tide of this battle? Are there even hackers out there who would switch sides?

What, really, is the best way to deal with this problem?

No comments: