Godlike Productions Banner
10:11 AM
NEW GLP LIVE VOICE & TEXT CHAT
ForumDiscussion TopicsAdvanced SearchMembers DirectoryClick Here To Donate To GLP!
ForumTopicsAdv. SearchDirectory Donate To GLP

News





  Sunday, November 22, 2009  
  Breaking News     Back
Major Storm Brewing On The Net

Guardian

2007-10-22

In millions of Windows, the perfect Storm is gathering


A spectre is haunting the net but, outside of techie circles, nobody seems to be talking about it. The threat it represents to our security and wellbeing may be less dramatic than anything posed by global terrorism, but it has the potential to wreak much more havoc. And so far, nobody has come up with a good idea on how to counter it.

It's called the Storm worm. It first appeared at the beginning of the year, hidden in email attachments with the subject line: '230 dead as storm batters Europe'. The PC of anyone who opened the attachment became infected and was secretly enrolled in an ever-growing network of compromised machines called a 'botnet'. The term 'bot' is a derivation of 'software robot', which is another way of saying that an infected machine effectively becomes the obedient slave of its - illicit - owner. If your PC is compromised in this way then, while you may own the machine, someone else controls it. And they can use it to send spam, to participate in distributed denial-of-service attacks on banks, e-commerce or government websites, or for other even more sinister purposes.

Storm has been spreading steadily since last January, gradually constructing a huge botnet. It affects only computers running Microsoft Windows, but that means that more than 90 per cent of the world's PCs are vulnerable. Nobody knows how big the Storm botnet has become, but reputable security professionals cite estimates of between one million and 50 million computers worldwide. To date, the botnet has been used only intermittently, which is disquieting: what it means is that someone, somewhere, is quietly building a doomsday machine that can be rented out to the highest bidder, or used for purposes that we cannot yet predict.

Of course, computer worms are an old story, which may explain why the mainstream media has paid relatively little attention to what's been happening. Old-style worms - the ones with names like Sasser and Slammer - were written by vandals or hackers and designed to spread as quickly as possible. Slammer, for example, infected 75,000 computers in 10 minutes, and therefore attracted a lot of attention. The vigour of the onslaught made it easier for anti-virus firms to detect the attack and come up with countermeasures. In that sense, old-style worms were like measles - an infectious disease that shows immediate symptoms.

Storm is different. It spreads quietly, without drawing attention to itself. Symptoms don't appear immediately, and an infected computer can lie dormant for a long time. 'If it were a disease,' says one expert, Bruce Schneier, 'it would be more like syphilis, whose symptoms may be mild or disappear altogether, but which will come back years later and eat your brain.'

Schneier thinks Storm represents 'the future of malware' because of the technical virtuosity of its design. For example, it works rather like an ant colony, with separation of duties. Only a small fraction of infected hosts spread the worm. A much smaller fraction are command-and-control servers; the rest stand by to receive orders. By only allowing a small number of hosts to propagate the virus and act as command-and-control servers, Storm is resilient against attack because even if those hosts shut down, the network remains largely intact and other hosts can take over their duties.

More fiendishly, Storm doesn't have any noticeable performance impact on its hosts. Like a parasite, it needs the host to be intact and healthy for its own survival. This makes it harder to detect, because users and network administrators won't notice any abnormal behaviour most of the time.

And instead of having all hosts communicate with a central server or set of servers, Storm uses a peer-to-peer networking protocol for its command-and-control servers. This makes the botnet much harder to disable because there's no centralised control point to be identified and shut down.

It gets worse. Storm's delivery mechanism changes regularly. It began as PDF spam, then morphed into e-cards and YouTube invites. It then started posting blog-comment spam, again trying to trick viewers into clicking infected links. Similarly, the Storm email changes all the time, with new, topical subject lines and text. And last month Storm began attacking anti-spam sites focused on identifying it. It has also attacked the personal website of a malware expert who published an analysis of how it worked.

At the moment, nobody knows who's behind this. Is it a Russian mafia operation? An al-Qaeda scheme? The really creepy thing is that, to date, the controllers of Storm have used it for such relatively trivial purposes. The suspicion has to be that they are biding their time, waiting for the moment when, say, 100 million naive Windows users have clicked on an infected link and unwittingly added their machines to the botnet.

Only then will we know what a perfect storm in cyberspace is like.

  Email Article

  Discuss in the Forum

Back

Click Here To Donate To GLP!



 Valid HTML 4.01 Transitional



Disclaimer:
This website exists for entertainment purposes only. The reader is responsible for discerning the validity, factuality or implications of information posted here, be it fictional or based on real events. Moderators on this forum make every effort to review the material posted on this site however, it is not realistically possible for our small staff to manually review each and every one of the more than 10,000 posts GodlikeProductions gets on a daily basis.

The content of post on this site, including but not limited to links to other web sites, are the expressed opinion of the original poster and are in no way representative of or endorsed by the owners or administration of this website. The posts on this website are the opinion of the specific author and are not statements of advice, opinion, or factual information on behalf of the owner or administration of GodlikeProductions. This site may contain adult content and if you feel you might be offended by such content, you should log off immediately.

Not all posts on this website are intended as truthful or factual assertion by their authors. Some users of this website are participating in internet role playing, with or without the use of an avatar. NO post on this website should be considered factual information on face value alone. Users are encouraged to USE DISCERNMENT and do their own follow up research while reading and posting on this website. Godlikeproductions.com reserves the right to make changes to, corrections and/or remove entirely at any time posts made on this website without notice. In addition, Godlikeproductions.com disclaims any and all liability for damages incurred directly or indirectly as a result of a post on this website.

This site is provided "as is" without warranty of any kind, either expressed or implied. You should not assume that this site is error-free or that it will be suitable for the particular purpose which you have in mind when using it. In no event shall Godlikeproductions.com be liable for any special, incidental, indirect or consequential damages of any kind, or any damages whatsoever, including, without limitation, those resulting from loss of use, data or profits, whether or not advised of the possibility of damage, and on any theory of liability, arising out of or in connection with the use or performance of this site or other documents which are referenced by or linked to this site.

Some events depicted in certain posting and threads on this website may be fictitious and any similarity to any person living or dead is merely coincidental. Some other articles may be based on actual events but which in certain cases incidents, characters and timelines have been changed for dramatic purposes. Certain characters may be composites, or entirely fictitious.

We do not discriminate against the mentally ill!

Fair Use Notice:
This site may contain copyrighted material the use of which has not always been specifically authorized by the copyright owner. Users may make such material available in an effort to advance awareness and understanding of issues relating to civil rights, economics, individual rights, international affairs, liberty, science & technology, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C.Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes.
For more information please visit:
http://www.law.cornell.edu/uscode/17/107.shtml

Please be aware any communications sent complaining about a post on this website may be posted publicly at the discretion of the administration.

This Disclaimer is subject to change at anytime.

Mail Webmaster with questions or comments about this site.

Privacy Policy - Terms Of Use


Copyright 1999-2009 © GodLikeProductions.com

Page generated in 0.002s (1 queries)