Bots, Trojan Horses and Denial of Service (DOS) are the top three malicious attack types being picked up in the wild by security vendors, according their recent reports. Secure Computing’s Trends Report for August states that:
* Spam made up 89% of all e-mail
* Trojan Horses made up 78% of all newly-detected malicious code. Trojan horses are hidden malicious applications hidden inside downloadable executable files, such as iFrame and other types of animations; 97% of all malware came in the form of Windows Executables.
* An average of 264,000 new Zombie/Bot machines were located daily.
Zombies are remote-controlled computers doing the bidding of an evil master, something ISPs are increasingly concerned about because those remote-controlled computers are used for a variety of criminal activities. According to Arbor Networks’ September, 07, Infrastructure Security Survey report, 37 % of zombies are used as components in phishing (account/identity theft) relays, 64% are used to send Spam and 71% are used in Distributed Denial of Service (DDOS) attacks.
Denial of service attacks have increased in both frequency and size, according to the report, making them a real threat to ISPs who can ill afford more packets coming at them than their networks can handle, according to Danny McPherson, chief research officer for Arbor Networks. Zombies, too, he says, are of chief concern to ISPs because they’re the ones getting expensive help desk calls for repair when their user computers get infected by clicking a link to or by browsing a malicious site, and when a hosted Web sites get infected with Zombie installers.
“The FBI told that one million to call their broadband service providers for support, not the FBI,” he says, pointing to Operation Bot Roast in which the FBI contacted the owners of nearly 1 million Bot-infected computers in June. “Imagine that it costs the service provider $50-100 per support desk calls, not to mention the churn it would cause when customers take their business elsewhere.”
Expect to see more value-add security services from your broadband providers as a matter of their own sense of self-protection, he adds. But how much security service providers can offer to the masses will remain a problem. Acting as policeman won’t cut it in today’s growing world of bundled telephone, Internet and TV services, he adds. For example, if service providers detect malicious activity coming from a hosted site or user, there’s no way to block that user without turning off all that user’s services.
What would happen he hypothesizes, if, during a security incident you’re blocked from the network and can’t make a 9-1-1 Vonage call?
Which is why I still have a land line.