RSA - As Storm Fades, Botnet Fight Goes on
In total, the botnets tracked by SecureWorks can send out more than 100 billion messages per day. These networks use Web-based templates, offering infected machines to the highest bidder as an easy software-as-a-service product.
So how to stop the problem? One panelist had an idea that may not sit well with everyone: Internet Service Providers should knock users off the network unless their patches are up-to-date. Because most botnet attacks target known software bugs, having your patches up-to-date, especially for popular products like Internet Explorer, Firefox, WinZip, and QuickTime, can make a real difference.
The only drawback: a good chunk of the Internet population would be knocked offline until they patched.
Still, maybe it's a fair thing to do because these people are harming others, according to Ira Winkler, president of the Internet Security Advisors Group, a security consultancy.
Often victims who have been infected with botnet code, don't even realize that the malware is on their system, he said. It's other computer users who must bear the brunt of the problem when the botnet network spams or launches a denial of service attack against them.
"We need home users to be responsible," he said. "Yes blame the users... because they present an imminent danger to others."
$firstKeyword
Receive the latest security news as it breaks.
