Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

The FBI and “OPERATION: BOT ROAST”

Is your PC a threat to national security? The answer may be “Yes”, and you might never even know it. Your machine can be used to cripple our economy, paralyze our Armed Forces, and shut down most means of communication. To try to prevent this, the FBI arrested three people. I feel safer already. (read their press release here.)

I have in prior postings advised you of the dangers of malware, and I believe you should already be aware of how it may be used to steal your identity, that it will slow down your machine, and that it can cause a lot of advertisements to ‘pop up’, and such. But bear with me as I define some words and expand upon how this can truly be a threat to our way of life.

“Bot”, “Botnet”, “Bot Herder”: “Bot” is short for ‘robot’, and in the arena of computers it means specifically, a machine that can be administered (controlled) remotely (from a distance). The “net” in Botnet is short for ‘network’, which for our purposes means ‘a collection of’, or ‘more than one’. A “Bot Herder” (a reference to a shepherd) is the person doing the administering. Operation: BOT ROAST was/is about going after and stopping Bot Herders.

Here’s (my understanding of) how it works. An Evil Doer wants to do evil, so ‘he’ (it may very well be a ‘she’) uses various readily available methods to scan for unprotected machines connected to the Internet. Since the vast majority of people connected to the Web think of their computers as plug-it-in-and-use-it appliances, like a toaster or microwave oven, he quickly finds several (and by that I mean several hundred). He sends these machines a ‘script’ (a small, hand-written program), or a Trojan Horse, that installs a hidden “backdoor” (allowing him anytime access and control) and reports the machine’s details back to him. He then uses these machines to –in the ‘background’, and thus unnoticed by the PC’s rightful owner– seek and ‘infect’ other machines, and so on, until he has backdoors into many, many machines. Now he has a collection of machines he can manipulate…a “botnet”.

So what does our Evil Doer do with his botnet? In the case of Robert Soloway, he is accused by the FBI of using it to “send tens of millions of spam messages touting his website.” That’s a lot of spam! “So what. I’ve got a spam filter,” you say? Well, to that I say, don’t complain about a ‘slow Internet’ then. All that spam traffic clogs the Web, puts a huge workload on the telcos and ISPs, uselessly fills storage, and wastes processor time.

Another kind of Evil Doer could use a botnet to launch cyberwarfare. According to the DoD, “The People’s Liberation Army (PLA) is pursuing comprehensive transformation from a mass army designed for protracted wars of attrition on its territory to one capable of fighting and winning short-duration, high-intensity conflicts against high-tech adversaries.” That’s China, in case you didn’t know. An enemy could (and will) use our own computers –controlled through botnets– to flood the switches and servers that comprise the physical thing we call the Internet and shut it down, blind our satellites, sow false and misleading information, and generally render us unable to effectively defend ourselves.

The FBI can’t do much about that…so they arrested Jason Downey and charged him with using a botnet to conduct distributed denial-of-service attacks, which flood a Web site or network with so much traffic that the target network crashes and is rendered unavailable. Imagine the consequences if that were to be done to the NYSE.

Okay, you get the idea: botnets are “bad.” You don’t want any part of them. Here’s the thing: the FBI has identified “more than 1 million personal computers that have been infected with computer worms enabling the attackers to control PCs for criminal purposes.” I propose to you that if the FBI found 1 million, the actual number of zombie PCs is much, much higher.

Are you one of them? Well, are you running a decent firewall? Do you have anti-spyware applications? Is your antivirus up to date? Can you recognize phishing when you see it? Well?

[Update 3/20/08: to read about some prison sentences as a result of “Bot Roast”, click here.]

Tip of the day/Today’s free link: Don’t be part of the problem. Visit my website’s PC self-defense pages and get protected…free. Click here.

Copyright © 2007 Tech Paul. All rights reserved.

June 14, 2007 - Posted by | advice, anti-spyware, antivirus, computers, how to, networking, PC, rootkits, security, tech, Windows, XP

3 Comments »

  1. an addenda:
    Not all remote administration is “bad”. I use it every day to help people fix their computer problems, as do most IT Help Desks these days.

    Comment by techpaul | June 14, 2007 | Reply

  2. TechPaul: 12/28/07 01:50 PST
    I am really grateful and sincerely appreciate your hard work and all the useful and necessary important info. I never seem to fail to learn from your articles which actually have made me realize that the more I know the more I realize I DO NOT know!!! IMPORTANT NOTE: When attempting to visit your website’s PC self-defense pages to get protected I get an HTTP 404 Page Not Found error so I was of course unable to successfully visit. You might wanna look into that and I would appreciate it if you would please let me know when it is resolved so I can get protected!
    Much Thanks,
    Fred

    Comment by Fred Fitz Henry | December 28, 2007 | Reply

  3. Thank you Fred.
    The link has been repaired.

    Comment by techpaul | December 28, 2007 | Reply

