Botnets and DoS Attacks are biggest security threat to ISPs

Botnets and distributed denial-of-service attacks are the biggest security concerns for Internet service providers, according to a new study. Arbor Networks, a network security company, and the University of Michigan released the results of the third annual Worldwide Infrastructure Security Report this week. After surveying 70 ISPs on the security issues facing Internet backbone operators, […]

Botnets and distributed denial-of-service attacks are the biggest security concerns for Internet service providers, according to a new study.

Arbor Networks, a network security company, and the University of Michigan released the results of the third annual Worldwide Infrastructure Security Report this week. After surveying 70 ISPs on the security issues facing Internet backbone operators, the team reported that 73% of Tier One and Tier Two ISPs and cable operators think they're doing a good job battling the bad guys.

However, the battles keep changing.

This year, the ISPs report that their top security concern is dealing with the growing number of botnets that are buffeting the Internet with spam, phishing attacks, and denial-of-service (DoS) attacks. And the ISPs aren't allow in their fears. According to the FBI, because of their widely distributed capabilities, the government considers botnets a growing threat to national security, the national information infrastructure, and the economy.

The foundation of a botnet is built when hackers and malware writers conspire to infect computers around the world with viruses and Trojans that allow them to remotely control the victim machines. Then they amass thousands or hundreds of thousands of these zombie computers, creating great armies -- or botnets -- of them. Most of the owners of the zombie machines don't even know they have been infected or that their machines are being controlled by someone else.

The problem seen as the second biggest operational threat is the distributed denial-of-service attacks that these botnets are increasingly launching. These attacks were at the top of ISPs' concern list last year.

The ISPs noted in the survey that the big DDoS attacks appear to have gone pro. Arbor's analysts noted that while mid-level DDoS attacks have plagued the Internet since 2000, survey respondents said they've seen a widening gap between common mid-level "amateur" attacks and multi-gigabit "professional" efforts involving tens of thousands of zombie hosts.

This news comes out as the massive Storm worm botnet gains size and increasingly launches DoS attacks. Researchers' estimates as to the size of the botnet vary wildly, ranging from 1 or 2 million up to as many as 50 million. Whatever the exact size, security professionals say the botnet herders are in a position to launch highly damaging attacks because the botnet is so large and dispersed.

Adam Swidler, a senior manager with security company Postini, said in an earlier interview with InformationWeek that if the Storm worm bosses focused a denial-of-service attack on a company, Internet service provider, or government agency inside the United States, it could do a great deal of damage. "I think there's no question they could damage any single company, whether through a DoS attack or a spam barrage," he said.

Full Article

Internet, Web, Security, Internet Security, Web Security, Botnets, DoS, ISPs