RSA Europe 2010: Botnets have become backbone for cybercrime, says Microsoft

Botnets are increasingly core to cybercrime activities, the latest security intelligence report from Microsoft has revealed.

Botnets are increasingly core to cybercrime activities, the latest security intelligence report from Microsoft has revealed.

Some 6.5 million botnet infections were cleaned between April and June this year - double the number in the same period last year - Adrienne Hall, general manager Microsoft Trustworthy Computing, told RSA Europe 2010 in London.

"It is clear that bot controllers, known as bot-herders, are working hard to maintain and grow them for financial gain," she said.

The research reveals a strong connection between botnets and the activities of cyber criminals who use bots for things like phishing, identity theft, and click fraud.

"Botnets have become the backbone for cybercrime, and are even specialising in specific activities such as spam," said Hall.

Microsoft has published a proposal applying a public health model to the internet, she said. It calls for a collective defence to tackle cybercrime through requiring a PC health certificate before allowing machines unfettered access to the internet, said Hall.

The report, SIRv9, covers the period January 2010 to June 2010 and contains analysis of data from more than 600 million computers around the world captured by Microsoft products and tools.

The research provides the clearest insight yet into the use of botnets and associated malware, Hall told Computer Weekly.

"We believe greater intelligence is key as knowing your enemy is half the battle, but we now have to evolve ways of using that information to combat cybercrime," she said.

SIRv9 also reports a number of positive security trends, said Hall, with the number of new vulnerability disclosures falling 8% in the first half of 2010 compared with the previous six months.

The report shows that the number of medium- and high-vulnerability disclosures fell by 10.7% and 9.3% respectively in the same period.

In addition, more people are using Windows Update and Microsoft Update to install security updates automatically, said Hall.

The number of data breaches involving loss of personal identifiable information also continued a downward trend, falling 46% in the first half of 2010 compared with the same period in 2009.

Ovum analyst Graham Titterington said SIRv9 report provides insight into the most prevalent and dangerous cyber threat right now.

"As well as the prominent rise in infections on a global scale, data from this year's report has also shown that cybercriminals are now using more sophisticated techniques like botnets to further their reach of potential victims," he said.

While some figures are encouraging and show that the security efforts across industry are having a positive effect, other figures show that more has to be done, said Hall.

"We need to adopt a multi-pronged approach to combating cyber threats, and while the basics such as stronger passwords and regular patching are still important, there also needs to be continued and increased innovation and collaboration by the IT industry," she said.

Read more on IT risk management