Cybercriminals in India creating botnets to capture PCs

Cybercriminals in India are increasingly looking at creating botnets, network of computers aimed at attacking and ‘capturing’ PCs to spread viruses through them to other systems, according to Microsoft report.

India ranks 25th in terms of bot infections detected and removed in the quarter ended June 2010, according to the Microsoft Security Intelligence Report version 9. The report covered 200 countries and territories.

The country had 38,954 computers with bots cleaned in Q2 this year compared to 37,895 computers in the previous quarter.

A Botnet is a network of computers, controlled by one computer (bot herder), which attacks another PC and makes it a part of its network. The main drivers for botnets are for recognition and financial gains.

The larger the botnet, the more recognition the herder can claim to have among the cybercriminal community.

The bot herder can also offer services of the botnet to third parties, usually for sending spam messages. Due to the large numbers of machines within the botnet, huge volumes of such mails can be generated.

“It is clear that the controllers work hard to sustain, maintain and grow them for financial gain. If it is a consumer the data and financial loss may not amount to a huge amount, but the loss is more severe if we talk about organisations or at a government level,” Microsoft India Chief Security Officer Sanjay Bahl told PTI.

Microsoft estimates that $780 million was lost globally in 2008-09 to spam mails. “It’s clear that the evolution of the botnet is a major concern. As well as the prominent rise in infections on a global scale, data from this year’s report has also shown that cybercriminals are now using more sophisticated techniques like botnets to further their reach of potential victims,” Ovum Analyst Graham Titterington said.

Over the past few years, volumes of spam originating from a single computer has dropped in order to thwart spam detection. The trend is moving towards using a larger number of compromised hosts for sending smaller amount of messages. This helps evade detection by anti-spam techniques.

Though the numbers in India might seem small, but such attacks are increasing. “Cybercriminals play with vulnerabilities. For example, in a developing country like Brazil, people are engaging in online payments, so the cyber criminal will try and attack through spam mails promising lottery and bank payments,” Bahl said.