Sign In

Communications of the ACM

ACM TechNews

Are Nations Paying Criminals for Botnet Attacks?

View as: Print Mobile App Share:
McAfee Inc. Vice President of Threat Research Dmitri Alperovitch

Cyber-criminals may not fully understand the botnet attack they are hired to launch, says Dmitri Alperovitch, vice president of threat research at McAfee Inc.

Credit: Flickr

Countries that want to disrupt other nations' government, banking, and media resources can simply hire cybercriminals to launch botnet attacks, according to new report by McAfee that interviews 20 cybersecurity experts. William Crowell, former deputy director of the U.S. National Security Agency, says that "anyone can go to a criminal group and rent a botnet. We've reached a point where you only need money to cause disruption, not know-how, and this is something that needs to be addressed."

McAfee's Dmitri Alperovitch says botnet attacks are hard to trace because of the anonymous nature of how they are requested and paid for.  The July 4th, 2009, cyberattacks launched against South Korea and the United States prompted Rep. Peter Hoekstra (R-Mich.) to urge the United States to "conduct 'a show of force or strength' against North Korea for its alleged role in the attacks," the report says. Alperovitch says there is no concrete evidence that North Korea was behind the cyberattacks, but points out that it was unusual that the botnet was concentrated entirely in South Korea. Alperovitch also notes that North Korea gets its Internet link from China because North Korea never took ownership of the top-level domains it was assigned by ICANN.

Countries that are known to be expanding their cyberwarfare capabilities include the United States, France, Israel, Russia, and China, according to the McAfee report. Major cyberconflicts have the potential to hurt businesses and individuals, indicating a need for greater public discussion about such issues.

From Network World
View Full Article


Abstracts Copyright © 2009 Information Inc., Bethesda, Maryland, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account