Tuesday, March 24, 2009

APRIL 1 IS D-DAY - Computer experts unite to hunt worm

Computer experts unite to hunt worm By John Markoff NEW YORK TIMES Sunday, Mar. 22 2009 An extraordinary behind-the-scenes struggle is taking place between computer security groups around the world and the brazen author of a malicious software program called Conficker. The program grabbed global attention when it began spreading late last year and quickly infected millions of computers with software code that is designed to lash together the infected machines it controls into a powerful computer known as a botnet. The spread of the malicious software is on a scale that matches the worst of past viruses and worms, such as the I Love You virus. Since Conficker appeared, the program's author has repeatedly updated its software in a cat-and-mouse game being fought with an informal international alliance of computer security firms and a network governance group known as the Internet Corp. for Assigned Names and Numbers. Last month, Microsoft Corp. announced a $250,000 reward for information leading to the capture of the Conficker author. But researchers who have been painstakingly disassembling the Conficker code have been unable to determine where the author, or authors, is situated, or whether the program is being maintained by one person or a group of hackers. The inability of the world's best computer security technologists to gain the upper hand against anonymous but determined cyber-criminals is viewed by a growing number of those involved in the fight as evidence of a fundamental security weakness in the global network. "I walked up to a three-star general on Wednesday and asked him if he could help me deal with a million-node botnet," said Rick Wesson, a computer security researcher involved in combating Conficker. "I didn't get an answer." Several members of the security group said that law enforcement officials had been slow to respond to their efforts, but that a number of law enforcement agencies were now in "listen" mode. "We're aware of it," said Paul Bresson, an FBI spokesman, "and we're working with security companies to address the problem." APRIL 1 IS D-DAY An examination of the program reveals that the zombie computers are programmed to attempt to contact a control system for instructions on April 1. There has been a range of speculation about the nature of the threat posed by the botnet, from a wake-up call to a devastating attack. Botnets most often are used to send the vast majority of e-mail spam messages. But Botnets also can be used to distribute other kinds of malware and generate attacks that can take commercial or government websites off-line. The growing suspicion is that Conficker ultimately will be a computing-for-hire scheme. Researchers expect it will imitate the hottest fad in the computer industry, called cloud computing, in which companies sell computing as a service over the Internet. Earlier botnets were designed so they could be split up and rented via black market schemes that are common in the Internet underground, according to security researchers. Read More >>>>

No comments: