Businesses today not only have to protect their computer systems from outside attacks, but they also have to take measures to make sure they aren’t used in crimes against other networks.
Computer crimes fit into two categories, Assistant U.S. Attorney Michael Levy told me. One category of computer crime involves getting access to information that you are not entitled to, which is called intrusion. The other category of computer crime is causing the prevention of people with legitimate access from getting to information, which is called a denial of service attack.
The FBI is leading the battle against cyber security threats and they have stepped up their fight with Operation Bot Roast II. According to the FBI, the first phase of Operation Bot Roast pinpointed more than a million victimized computers and charged a number of individuals around the country with a variety of cyber-related crimes. The FBI is working with many partners to combat cyber crime, including the U.S. Secret Service and Immigrations and Customs Enforcement (ICE).
On November 29th, Patrick L. Meehan, the U.S. Attorney for Eastern Pennsylvania, announced his office’s participation in the FBI’s Operation Bot Roast II. Meehan spoke of the federal jury indictment of Ryan Goldstein on one count of conspiracy to commit computer fraud.
The indictment charges that Goldstein crashed a server at a local college while he was attempting to work with another individual to launch denial of service attacks against other servers on the Internet using “botnets.” An FBI agent from Philadelphia accompanied New Zealand Police as they executed search warrants on a subject known by the screen name as “AKill.”
According to the U.S. Attorney’s Office, a botnet is a network of robot computers. Botnets are created when a “botherder,” who is the controller of the botnets, infects computers of unsuspecting people with programs that permit the botherder to give directions to the infected computer — the bot. A botherder can gain control of these computers by unleashing malicious software, or malware, through SPAM (unsolicited commercial e-mails, Phishing (sending e-mails that appear to be from legitimate sources that prompt recipients to send personal information to a website), and pop-up ads.
By executing a simple task such as opening an attachment, clicking on an advertisement, or providing personal information to a phishing site (one that mimics a legitimate site), an individual computer user unintentionally allows the botherder to gain access to his or her computer. Bot operators will then typically use these compromised computers as vehicles to facilitate other crimes such as identity theft, sending spam, denial of service attacks (having a large number of computers send signals to a single, victim computer that causes it to slow down or crash), and keystroke logging.
Meehan stated that it is vital that individual computer users take responsibility for the security of their own computers by installing software that prevents and removes viruses and other malicious codes, by avoiding phishing schemes and by being careful about opening attachments to e-mails from unknown senders.
“This case illustrates how law enforcement agencies around the world are rising to the challenge of fighting crime in cyberspace,” Meehan said. “As the Internet breaks down the barriers of national borders, collaborative efforts to find and prosecute the criminals become more crucial. This investigation and this indictment is proof of the commitment to meet that challenge.”
Assistant U.S. Attorney Michael Levy is prosecuting this case in Philadelphia. I asked him about the case and the threat of botnets and other cyber crimes to small business people.
“Botnets are a threat to any business that needs an online presence,” Levy explained. “So if a small business that depends heavily on web sales is taken offline, even for an hour or two, this could be a disaster for them.”
Levy said that Ryan Goldstein and a person identified only as “Person A” were working together. Goldstein wanted a bunch of Internet Relay Chats (IRC) taken down by a distributed denial of service attacks. A distributed denial of service attack is a form of attack on another computer on the Internet that overloads the victim’s computer. A person attempting an attack enlists other computers, without the knowledge of the owners, to assist in the attack by causing other computers to bombard the target computer with requests or commands at the same time. This increases the number of messages that can be directed to the victim computer and increases the chances of slowing the victim computer and crashing it.
“There was no profit motive to this case, it was just good, old-fashioned fun and games,” Levy said sarcastically. “But Botnets have been used in other cases as tools for criminals to extort money out of businesses. They told the businesses that they would take their websites down if they didn’t pay a certain amount of protection money.”
I asked Levy what a small business can do to protect themselves and he said that the first thing small business people should do is make sure their computers are not part of a botnet.
“Keep your virus software up to date. That means not just buying the software,” Levy explained. “You should also log in and update your subscription at least weekly, so you have the current anti-virus updates that will prevent you from being infected.”
Levy said that if you are the subject of an attack you should immediately call law enforcement. He also said that there are businesses out there that will avert your traffic to their computers in an emergency situation.
“We are an incredibly computer-dependant country and botnets are the latest technology out there. Unfortunately, bad people are using them.”
Levy recommends that you install a good security system, perhaps even hiring a consultant. Also ask yourself if you need to have customer information on a computer that is connected to the Internet, or perhaps you should separate customer information and place it on a stand-alone computer that is not accessible to the outside. This will help prevent all kinds of identity theft problems, Levy explained.
“Your greatest security risk is not from outside, but inside,” Levy said. “You have to trust some employees, but does every employee require access to everything on your network? You should limit access to certain areas to only the people who truly need access.”
As street thugs are out and about looking for an opportunity to rob and steal, cyber criminals are surfing the Internet looking for an opportunity to steal and cause mischief. If the computer is vital to your business, then you should be on guard against botnets and other computer crimes.