Jump to content

Information Warfare: Biggest Botnet Takedown Ever


Valin

Recommended Posts

20200404.aspx

April 4, 2020:

The Microsoft recently announced another successful operation against hackers by taking down the Necurs botnet. This was an international effort involving governments and computer security firms in 35 countries. Microsoft has, since the 1990s, become the major international computer security operation. That has led to working with the U.S. FBI (Federal Bureau of Investigation) and similar organizations worldwide. The effort to take down Necurs is a good example of the central role Microsoft plays because it took nearly a decade to figure out what Necurs consisted of, how it worked and what it would take to destroy the botnet, rather than just damage it. While that effort was underway Necurs grew from under a million PCs controlled to over nine million. The botnet operators knew they were being scrutinized by Microsoft, Internet security forms and police organizations and kept improving their defenses and survivability.

Necurs was dangerous not because of its durability but because it was largely a utility for cyber criminals and even some intelligence agencies. You rent various services requiring a botnet and Necurs was the best available for that in terms of price and reputation. Moreover Necurs had a track record of reliability and keeping its secrets. Like most major botnet operations the Necurs botnet command and control system was well protected and the botnet itself had numerous fall back systems to use if someone managed to penetrate the first level (or levels) of security. Figuring out how that security worked was the major reason it took so long to bring down Necurs. This effort was complicated by the Necurs operators constantly upgrading their security and robustness. Every time they did that Microsoft had to revise its plan to taking down the botnet.

(Snip)

To avoid the FBI and other international police efforts, many botherders seek sanctuary in countries without an extradition treaty with the United States. Criminal gangs are increasingly active in this area, and, in the case of China, so are government Cyber War operations. But even China has been hit by the hackers, and recently enacted laws against computer crimes.

The most powerful Internet weapons on the planet are botnets. And many of them are getting into uniform. In wartime, many of these botnets would be turned into weapons. A botnet can be used to shut down essential military networks, or infect military computers with destructive (to the computer) software. This is one of the major security threats Russia, China, Iran and North Korea pose to other nations.

______________________________________________________________________________

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • 1716242107
×
×
  • Create New...