
Botnets and cyber warfare, a dangerous combination

Pierluigi Paganini April 13, 2012

The US Government pays close attention to the theme of warfare, being among the countries that invest the most in the field. In a cyber security context we can enumerate a huge number of cyber threats that are designed and enhanced daily: a heterogeneous world that includes many different options that could harm the military and the private sector, causing serious damage.

In recent months concern has increased about the development of botnets that afflict areas critical for a country, such as the financial and military sectors. White House Cybersecurity Coordinator Howard Schmidt has deep knowledge of the problem; for this reason he is convening federal agencies, law enforcers and private companies to define a common strategy to deal with the threat.

Behind a botnet we can find several types of actors, such as cyber criminals, foreign governments and also hacktivists, with different purposes like cyber espionage, financial fraud and the organization of protest operations. The components of a botnet can be located anywhere in the world, involving several countries, different social contexts and different laws and regulations; for this reason it is quite difficult to form a united front against the threat.

During the McAfee Public Sector summit in Arlington, Va., on April 11th, Schmidt declared:

“There’s been a lot of discussion about botnets…trying to identify how many are out there, what they’re doing, what they could do and what the impact could be. I’ve asked my office to engage in a private-public partnership to enhance the nation’s cybersecurity by fighting against bot networks,”

“We’re teaming U.S. internet service providers, search engines, internet vendors, privacy rights advocates and groups and trade associations to tackle this on all fronts. We’re working on developing best practices and an industry code of conduct within the next 90 days.”

The working group led by Schmidt is devoting considerable effort to the battle, working toward the following four main goals:

  1. develop principles for addressing botnets.
  2. establish high-level strategies to increase public awareness of botnets.
  3. leverage available consumer-focused information tools and resources to prevent botnets from the beginning.
  4. identify ways of measuring progress.

I agree with the approach of the U.S. government; I believe that the strategy and the targets defined are consistent with an approach to the problem that has become indispensable. It is essential to get a snapshot of the current situation and to define a method to measure the extent of the spread of the threat. Defining a measurement process and a set of indicators that can provide a status on the evolution of the threat are essential steps; however, these parameters must be universally recognized. Another key to fighting the proliferation of botnets is to increase the level of awareness of the threat in each sector while also providing the tools necessary to tackle the problem.


As repeatedly stressed, there is no clear line between cybercrime and warfare; botnets are a serious threat with deadly offensive potential. Through the establishment of a botnet it is possible to attack the nerve centers of a country; isolated attacks can target its critical infrastructures and create serious problems in areas like finance, communications and transport. That is cyber warfare: no matter whether a foreign government or ruthless criminals are behind the attack, the risk is high and facing the threat is a high priority.

“We’re looking at what [botnets] might do to a business’s infrastructure, to personally identifiable information – identity theft, credit card fraud, et cetera – but it goes beyond that. What we’re beginning to see is about 4 million new botnet infections every month…it’s a moving target,”

Schmidt said.

What most worries the U.S. government is the high rate at which malware spreads in the private sector; it is not easy to counter the phenomenon. It has been estimated that one in ten Americans has some kind of malicious software on their devices. Aggravating the scenario is the rapid spread of the mobile industry, in my opinion one of the most vulnerable in terms of security. The impressive growth in demand has not been matched by awareness of the threat; most of the time the user is unaware of the potential of their smartphone and of the threats to which it is exposed.

To remain on topic, a mobile botnet is a botnet that targets mobile devices such as smartphones, attempting to gain complete control of the device. Mobile botnets take advantage of unpatched vulnerabilities to provide hackers with root permissions over the compromised mobile device, enabling hackers to send e-mail or text messages, make phone calls, spy on users, access contacts and photos, and more.
The main problem is that botnets go undetected, which makes them really difficult to tackle. The malware spreads itself by sending its agents to other devices via e-mail messages or text messages.

Examples of mobile botnets are DreamDroid and TigerBot (SMS-controlled Android malware), which compromised Google Android devices, Zitmo (a Zeus variant), which targeted the BlackBerry platform, and CommWarrior, which affected Symbian devices. The most recent is TigerBot, a new form of Android malware controlled via SMS messages that can record phone calls, upload the device’s GPS location, and reboot the phone, among other operations executed on command, while preventing the command message from being seen by the user. TigerBot tries to hide itself from the user by not showing any icon on the home screen and by using legitimate-sounding app names (like System) or by copying names from trusted vendors like Google or Adobe. TigerBot differs from “traditional” malware in that it is controlled via SMS rather than from a command & control (C&C) server on the Internet. The polymorphism of the threats and the genesis of new variants are the issues of most concern; these hacks and malware essentially turn the phones into “zombies” that respond to external orders.

According to Schmidt it is necessary to act immediately; let me conclude with a meaningful statement that he made:
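A static triage sketch for the TigerBot traits described above (SMS control, no home-screen icon, trusted-sounding name), added here as an example and not taken from the article or from any vendor's detection logic. The watch list, the priority threshold and the sample manifest are constructed assumptions, and a high-priority SMS receiver is assumed to be how the command message is kept from the user.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace
SMS_PERMISSION = "android.permission.RECEIVE_SMS"
SMS_ACTION = "android.provider.Telephony.SMS_RECEIVED"
LAUNCHER = "android.intent.category.LAUNCHER"
# Assumed watch list, from the names the article mentions (System, Google, Adobe).
LOOKALIKE_WORDS = {"system", "google", "adobe"}
HIGH_PRIORITY = 999  # assumed threshold for "runs before the default SMS app"

# Constructed sample (decoded manifest with the label already resolved to text).
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application android:label="System">
    <receiver android:name=".SmsCommandReceiver">
      <intent-filter android:priority="2147483647">
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""

def triage_manifest(xml_text):
    """Return the SMS-bot indicators found in a well-formed decoded manifest."""
    root = ET.fromstring(xml_text)
    app = root.find("application")
    findings = []
    label = (app.get(A + "label") or "").lower()
    if LOOKALIKE_WORDS & set(label.split()):
        findings.append("lookalike-label")
    # No LAUNCHER category anywhere means no icon on the home screen.
    if LAUNCHER not in {c.get(A + "name") for c in app.iter("category")}:
        findings.append("no-launcher-icon")
    perms = {p.get(A + "name") for p in root.iter("uses-permission")}
    for flt in app.findall("receiver/intent-filter"):
        actions = {a.get(A + "name") for a in flt.findall("action")}
        if SMS_ACTION in actions and SMS_PERMISSION in perms:
            findings.append("sms-receiver")
            prio = flt.get(A + "priority", "0")
            if prio.lstrip("-").isdigit() and int(prio) >= HIGH_PRIORITY:
                findings.append("sms-high-priority")
    return findings

def is_suspicious(xml_text):
    # Flag only the combination: a hidden app that also listens for SMS.
    return {"no-launcher-icon", "sms-receiver"} <= set(triage_manifest(xml_text))
```

Each indicator alone is common in legitimate apps; the value for triage is in the combination, which is why `is_suspicious` requires both the missing launcher entry and the SMS receiver.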

“One of the clear issues we won’t be doing anymore is to just sit back and admire the problem. We’ve done that for too long. We’ve written strategy after strategy…it’s time to move beyond the strategies and actually move into an environment where we’re executing on these strategies,”

 

Pierluigi Paganini

