Botnets, they got you with your pants down.

February 4, 2009

SecureWorks, an awesome company, by the way, and their mentats over there, particularly Joe Stewart, have published some very good data on the top botnets of 2008 and 2009. This allows us to focus efforts on the most prevalent threats and analyze and target C&Cs and code from particular campaigns. Then we can focus real world intelligence on the mal actors.

Unfortunately, the industry has not started to publish individual background dossiers on the real world locations, personalities, and networks behind this stuff. When it does happen I think you will see the rules of the game change when you shine the light on these bastards.

If you want to track some great progress in Cyberwar and CyberIntelligence, Intelfusion is a great place to start.

For now, however, I predict that we will continue to be pussies, à la not outing the Storm worm authors over there in St. Petersburg who are protected by “unnamed political interests”. Big freaking deal, out them. If this was done for every positive identification of a malware author and crimeware campaign network and manager, we could put intense FOCUS on these people and open them to attacks, prosecution and other kinds of white hat nastiness. Of course intel/LE will poo-poo, say it's our job, fail to apprehend or prosecute said actors or just sit and monitor them forever with no action whatsoever.

I would like to see some real action, not the BS where an 18-year-old New Zealander gets busted for running a botnet and gets 2 years probation. Hey guys, if you really want to solve the problem give me a shout. I have a few ideas that haven't crossed your cerebral cortexes yet.

Oh yeah. Pull yer pants up. This is what the Watchers are getting from you. Here is a digital AIDS quilt of pwned users' desktops and all the cool stuff they are doing.



