IF you're in an office, like I am, take a look around. If there are 10 computers in the room, chances are one of them is a zombie.
"The global average is 20 to 25 per cent that are probably infected which means about one in five," said Professor Michael Fry from the university's school of IT.
"These computers are taken over remotely and incorporated into botnet networks."
Botnets are networks of computers enslaved by malware allowing the "bot herder" or "bot master" to control them remotely.
Prof Fry said remotely-controlled computers were being used in everything from organised crime to cyber warfare.
"Controllers use botnets for stuff like identity theft, to launch mass spam campaigns, phishing attacks, and online advertising 'click fraud'," he said.
"But the big one that they are becoming the weapon of choice for are distributed denial of service attacks."
A denial-of-service attack is when someone directs such a huge volume of requests to a target website that the web server can't respond and the site becomes inaccessible to everyone.
A distributed denial-of-service, or DDoS, attack occurs when hundreds or thousands of infected zombie computers are enlisted to help.
Prof Fry said botnets were today's "weapon of choice" for organised crime conducting DDoS attacks and there was a strong suspicion in cyber security circles that governments had also used botnets to sabotage others countries' IT systems.
He said individuals were already using attacks such as these to extort money right here in Australia.
"We had a case where a man in Alice Springs had his system go down one day," Prof Fry said.
"A little later he received an email from a group saying 'this was us and pay up or we’ll do it again'. He told them no and the next day they attacked him, bringing his whole system down."
They are even reports that individuals are able to hire botnets for a fee.
- One in five home computers are enslaved "zombies"
- Enslaved PCs used by "botmasters" in cyber attacks
- That means my computer has more of a life than I do
Prof Fry said the systems which were the most vulnerable to these sorts of attacks were "unpatched" machines — computers which haven't been updated with the latest defences from software providers.
"These regular update requests can be a nuisance but are essential to stay ahead in the day to day battle against cyber crime," he said.
Craig McDonald is the founder and chief executive of MailGuard, a company specialising in the online security needs of business. He said it was essential for individuals and businesses to check for regular software updates.
"You're only as protected as the last update," Mr McDonald said.
"And for businesses, as email is highly used for 'doing business', I would recommend a multi-layered managed email filtering service."
Mr McDonald said individuals needed to ensure they followed all the directions given by their software and to run full scans of all computers.
Prof Fry said the identification of malware could sometimes be extremely hard and the process had become an "arms race".
"The less sophisticated ones can be tracked down and stopped, but the detection of zombies or the detection of bot masters can be very difficult," he said.
"The whole thing is an arms race. You can develop a tool that is very good at detecting them but as soon as you do people are working to get better at covering their tracks.
"It’s a global problem — governments, ISPs and everyone else."
The biggest threat?
Last week Attorney-General Robert McClelland and Defence Minister Stephen Smith said the Australian Government would work towards the creation of its first ever national strategy for dealing with cyber security.
"The Cyber White Paper will examine what we need to do to protect ourselves online, the role of government, industry and the public in protecting our interests," McClelland told a cyber security function in Sydney.
The paper will be completed in the first half of next year and would look at a broad range of areas including consumer protection, cyber safety, cyber crime, cyber security and cyber defence, he said.
Earlier this year the Federal Parliament was the subject of a cyber attack with the computers of at least 10 federal ministers, including Prime Minister Julia Gillard and Defence Minister Stephen Smith, targeted and confidential emails possibly accessed.
The head of Sydney University's Centre for International Security Studies, Professor Alan Dupont, said cyber attacks were "possibly the biggest security threat facing Australia".
"Of course we need to understand the technical detail of cyber crime in order to keep ahead of the game but we want people to think more broadly about cyber security," Prof Dupont said.
"We are stressing the importance of how cyber attacks are conducted, why and by whom, in order to enhance understanding of systems' susceptibility to attacks.
"If we don't get on top of this in a defensive sense, everything on a computer network is vulnerable to attack."
No comments:
Post a Comment