As I noted a while back, SoftScan is seeing that over 90% of the email traffic they get is spam. That’s about right, looking at what I get in my email, and apparently we’re not the only ones – Maureen Rogers posts on spam today as well. Meanwhile, I noticed yesterday that my Akismet Spam Filter on this blog has killed over 24,000 spam comments. That’s besides the 20-30 a week I have to manually kill myself, and the uncounted number that are killed due to my comment blacklist.
That’s a lot of spam! So let’s ask ourselves this: is it really someone sitting around keying this stuff in? Heck no, it’s botnets doing scripted attacks from zombie computers. The sad truth is that while the end beneficiary may be Ivan.firstname.lastname@example.org, the traffic for the most part is originating in the US. From our own computers, in many cases.
While the term “botnet” can be used to refer to any group of bots, such as IRC bots, the word is generally used to refer to a collection of compromised computers (called zombie computers) running programs, usually referred to as worms, Trojan horses, or backdoors, under a common command and control infrastructure. A botnet’s originator (aka “bot herder”) can control the group remotely, usually through a means such as IRC, and usually for nefarious purposes.
Think it’s a little problem? Wikipedia cites this little tidbit: “The Dutch police found a 1.5 million node botnet and the Norwegian ISP Telenor disbanded a 10,000-node botnet.”
The truth is this: I suspect that our ISPs could probably identify a lot of these machines, and find an effective way to let us know we’ve got some computer housekeeping issues to take care of, but they haven’t. Perhaps it’s a matter of them not wanting to rock the customer service boat, perhaps they just loathe the idea of playing cop. They haven’t dealt with the issue effectively and something has got to be done.
Let’s forget about the need to keep our machines patched, forget about running virus scan (and keeping it up to date) as neither has worked. There is a fairly simple solution to this problem: turn your computer off when you are not using it, or at the very least, disconnect it from the Internet.
That’s it. No magic, just turn the darn thing off, and it can’t be used for nefarious purposes.