A story published recently by a researcher at Cisco does a great job of illustrating what it takes to setup, manage, and profit from a botnet. The story details many of the typical activities performed by the criminals who manage and sell botnets. What is unique about the story is that the information is obtained directly from correspondence and discussions with an actual criminal behind the botnet. The story can be found at: http://www.cisco.com/web/about/security/intelligence/bots.html
What is especially unnerving about the story to many security professionals is the ease of which the criminals are able to perpetrate their activities. The criminals behind the botnets can bypass many security technologies through malware and phishing attacks. Additionally, these criminal enterprises can be extremely profitable despite recent claims to the contrary by researchers at Microsoft.
Further evidence of the relative ineffectiveness of some of the most well-known security technologies is illustrated by test results in one of our recent reports, Cyveillance Intelligence Report 1st Half 2009. The report can be downloaded at http://www.cyveillance.com/web/forms/request.asp?getFile=115
Despite the success of the more sophisticated online criminals, some progress in the fight against online crime has been been made. Cyveillance long noticed the trend of criminals being forced to develop very sophisticated methods to bypass detection and security countermeasures. This is a clear indication that the efforts of Cyveillance and others in the security industry are working. As we enter a new era in Security and Intelligence with our acquisition by Qinetiq NA, Cyveillance will continue to make the investments in personnel and technology needed to protect our customers and always stay one step ahead of the bad guys.