Everything You Ever Wanted To Know About Botnets, But Were Afraid To Ask

Microsoft has published an incredibly detailed look at botnets, the networks of compromised network-connected computers that are one of the main distribution mechanisms for spam, malware, phishing attacks and other cyberattacks. In its latest Security Intelligence Report, Volume 9, Microsoft researchers focus on botnets and how to combat the threats they pose.

The report itself is split into multiple sections and in total is more than 240 pages of content. Of special interest is the “featured intelligence” report on botnets, “Battling Botnets for Control of Computers.” This report provides a great overview of botnets, their history and operation. It also provides some really interesting statistics about the most active botnets during Q2 of 2010.

Because Microsoft’s Windows OS is installed on so many computers, and because it includes the company’s malicious software removal tool (“MSRT”), Microsoft is in a unique position to report on the frequency of botnet infections. According to the report, the MSRT cleaned more than 4.3 million botnet infections in the US alone during the first half of 2010.

For those who aren’t up for sifting through hundreds of report pages, the BBC has a pretty good overview of some of the key findings, as well as quotes from Microsoft’s UK head of security. See, “Two million US PCs recruited to botnets” at BBC News.

From a desktop standpoint, one of the key takeaways here is that users should really take advantage of the automatic update features built into Windows and other operating systems. Microsoft’s latest update (issued this week on traditional “patch Tuesday”) was its largest ever with patches for more than 49 vulnerabilities (23 of them rated as highly severe) including a hole that could be exploited by the Stuxnet worm.

I’m also reminded here of the very interesting BBC “Click” program on botnets, in which BBC researchers took control of a botnet to expose its workings. As you might imagine, this caused “something of a row” as they say in the UK.


Keith Crosley directs corporate communications for Proofpoint. Keith’s job entails the promotion of Proofpoint e-mail security solutions to press, analysts and the enterprise e-mail security market at large. His blog covers a wide variety of e-mail security topics including anti-spam, phishing, identity theft, data breaches and the policy, culture and technology issues that surround e-mail. Previous positions have included director, corporate communications at Elance, senior director, worldwide public relations at BroadVision and director of marketing at WiredPlanet.com. As a key spokesperson for Proofpoint and e-mail security evangelist/researcher, he takes part in television and radio appearances. Avocationally and semi-professionally, he is a filmmaker, musician and all-round multimedia enthusiast.