The Importance of Taking Warnings Seriously
Written by Sue Walsh on June 2, 2010
John Leydon over at The Register posted an interesting article recently. It seems that botnet herders have learned how to avoid honeypots. Honeypots are traps set by security firms: groups of unprotected computers designed to lure botnets so that the firms can study their command structure and malware deliveries. This helps the firms come up with ways to detect botnets and fight back against them. Now that the herders know how to spot and avoid honeypots, security firms may lose this valuable tool. While many firms say they are aware of this and working on the problem, some are skeptical and say the seriousness of the issue is being exaggerated.
I personally disagree. I mean seriously, does this surprise anyone? Botnet herders and other cybercriminals are getting better and better at avoiding detection and protecting themselves. When McColo was abruptly shut down in 2008 it knocked several botnets offline for MONTHS. Thanks to improved technology, recent similar shutdowns have resulted in botnet downtime shrinking to just hours or days. No matter how good we think we are at detecting malware, blocking spam and fighting botnets, the cybercriminals will always be a step ahead. They are constantly changing and evolving. These folks will never wind up on an episode of America’s Dumbest Criminals. These people are smart, creative, and determined, and because of that we need to take every warning seriously. We are woefully unprepared for a major cyberattack or act of cyberwarfare, and until that changes we’ve got to stay on the ball.




