Botnets a Launching Pad for Cybercrime, says new Microsoft study
14 October, 2010 | Sydney, Australia
Microsoft Australia today released the ninth volume of its Security Intelligence Report (SIR v9) into internet security, which exposes the extent to which botnets are providing a launch pad for cybercrime such as spam, phishing, identity theft, click fraud, and advance fee fraud. A botnet is described as a computer connected to the Internet that has been set up to forward transmissions (including spam or viruses) to other computers on the Internet, without the knowledge of the computer owner.
Stuart Strathdee, chief security advisor, Microsoft Australia, said the latest version of the internet security report revealed the full extent of the botnet threat. “SIRv9 contains some of the most detailed research into the botnet threat ever conducted. It is clear that their controllers, known as bot-herders, work hard to sustain, maintain and grow them for financial gain creating an online black market where cybercrime specialists trade with each other,” he said.
From April 2010 to June 2010, Microsoft cleaned more than 6.5 million computers of botnet infections — twice the amount for the same period a year before. The dominant botnet family in Australia in the second quarter of 2010 was Win32/Alureon, which declined over the first two quarters of 2010 but still accounted for 25 percent of detected botnets. Over the past several quarters, most countries and regions have experienced an increase in detections of Win32/Rimecud, which rose to 21 percent of detections in Australia. Rimecud is being sold as a kit via the internet and the ease to obtain it has likely contributed significantly to its prevalence.
SIRv9 also reports a number of positive security trends. The number of data breaches involving loss of personal identifiable information (PII) showed a downward trend with losses falling by 46 percent in the first half of 2010 compared with the same period in 2009. Theft of equipment still accounted for the largest number of incidents (31 percent) with half of that due to incidents of negligence, such as loss or theft of equipment or inappropriate disposal.
“The positive results show that consumers are becoming more aware of computer security and are taking steps protect themselves against cybercriminals”, said Strathdee. “However as the landscape continually evolves it’s important that consumers, businesses and the software industry continue to be aware of the threats that exist and remain one step ahead. Addressing the problem of cybercrime requires creativity, innovative thinking and collaboration from industry, governments, lawmakers and law enforcers.”
Based on the key findings from SIRv9, Microsoft recommends customers use the data, insights and guidance in the report to better assess and improve their own security practices. Some of the active steps Microsoft recommends include the following:
-
Upgrade to the latest version of operating systems and products
-
Employ strong passwords
-
Check for and apply software updates on an ongoing basis
-
Use Microsoft Update, a complimentary service that helps keep your pc more secure and up to date
-
Run anti-virus software from a trusted vendor
Microsoft said there would always be a percentage of internet users who ignored fundamental security practices and who risked infection through their online habits. Strathdee said that in a globally connected world and with a profusion of consumer devices being brought into the workplace, these computer users could unwittingly expose other connected users to potential threats.
”It’s important that organisations implement and enforce a robust security policy to prevent potential threats from outside a company’s network while ensuring that all employees are fully aware of the security policies, risks and potential disciplinary action.
About SIRv9:
Covers the period January 2010 to June 2010 and contains analysis of data from more than 600 million computers around the world captured by Microsoft products and tools. This tracking identifies evidence of increased integration between malicious threats and botnets.
About Microsoft
Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realise their full potential.
To organise an interview with Stuart Strathdee, please contact:
Rudolf Wagenaar
[email protected]
02 8281 3879
043 9082550
Tags: Security Intelligence Report, botnet, SIRv9
