Information Warfare: The Mysterious Botnets of China


April 11, 2006: Cyber Criminals are developing weapons and tactics that are providing real-life examples of what Cyber War would be like. In the last few years, organized gangs have gotten into online crime in a big way, pushing aside the amateurs and part-timers who had dominated the scene for so long. The motivator is money, and the fact that 95 percent of online crimes never get punished. In the last year, the amount of software developed to steal money online has increased 500 percent. While spam is still a major source of this larcenous malware, most of it is now being spread via botnets of zombie computers. These are PCs that have been taken over, unbeknownst to their owners, by software secretly installed by hackers. The networks of zombie computers are the primary means of sending out spam and breaking into weakly defended PCs. The botnets can also be used to launch DDoS (Distributed Denial of Service) attacks that can shut down a site with a flood of garbage messages.

The online gangs are also going after those who try to track them down, or stop them from stealing. No, not the cops, but the companies and organizations that make anti-virus software and study malware created by the hackers. The gangs will also attack each other. Particularly popular is trying to hijack someone else's zombies, or entire botnets. These botnets can sometimes consist of thousands of compromised computers. One zombie PC can be worth several dollars a month in proceeds from various online crimes. Some botnets have over 100,000 PCs in them. We're talking serious money here. The botnets don't last forever. Users eventually find out their computer has been infected, or take it offline for other reasons (it breaks, or a new one is purchased). So the gangs are always looking for new PCs to infect and turn into zombies.

The botnets have military uses as well. It is feared that the thousands of botnets controlled by gangs in China may be a "military reserve" for the Chinese Cyber War organization. A lot of the online gang activity seems to come out of China, and the Chinese government has relationships with hacker groups, and perhaps some of the gangs as well. Of course, you could never admit to relationships like this. But as was discovered after Saddam Hussein was overthrown in 2003, many of the Iraqi gangs were either in business with the government, or part of it.

The Internet gangs could easily shift their aim from each other to military and government targets. This is why these activities are closely watched by government Cyber War organizations. You can always learn from someone with combat experience, even if they are outlaws.

 
