Column published on Saturday November 17th 2007 in The Guardian “Dork Talk” – The Guardian headline

Gazing into the techno-future can be fun. We all dream of utopias involving benign robots, food for all and fusion power that is free, safe and unlimited, but then there are the cacotopias too – nightmare visions of malevolent machines that turn on mankind. It has been usual to suppose that the two-pronged threat to our liberty and our privacy would emanate from big business and government, from untrammelled corporate and bureaucratic greed, stupidity and wickedness. But let me paint another scenario…

I expect all of you have heard of the risks posed by the various forms of attack code that go under names like virus, Trojan horse, worm, malware and so on. These are little bits of clandestine code that your computer picks up, usually through email attachments, designed to infect the host (your PC), raid its address books, send out copies of themselves to all your friends and contacts and then either spitefully screw with your operating system, rendering it inoperative or, more likely these days, record your keyboard input and send back to the malicious code’s originator a log of such keystrokes which can be used to determine your passwords, credit card numbers and other sensitive data. Well, such attacks have been well enough publicised, and companies like Symantec, Norton and McAfee have grown up, offering self-updating protection against these horrors; Microsoft, whose Windows operating system has been the victim of 99.9% of all such attacks, stuffs newer and newer wads of digital kitchen towel into the holes in its leaky old system and has now brought out a new one, Vista, which is so front-ended with dialogue boxes and “are you sures?” that it’s safer, but maddening to use. A nuisance, but many of us live in burglar –alarmed houses and work in swipe-card protected offices: we cope with it. Panic over. Virus scare stories are a thing of the past.

But, and here I finally come to my nightmare scenario, imagine malicious code written by cunning, ruthless criminals from … oh, Russia let’s say, that could turn your computer into a kind of slave machine, a zombie PC which can connect with other zombie PCs to create a whole network of robot computers which would grow almost exponentially in power and bandwidth. Such a robot network, or ‘botnet’, would soon overtake all the supercomputers on earth in might and reach. Let us further imagine that this botnet learned to defend itself against the security forces by moving the location of its command and control centres so fast and so randomly that the head could never be cut off. Let us even further imagine that the criminal masterminds in charge of this colossal entity divided it up into sections which could be sold, leased or rented to other criminals (along with instructions for use) who could use it for spamming, share scamming, phishing, identity theft, fraud, DDoS and any other kind of lucrative enterprise they chose. The fiendish nature of the code would mean infected PC’s wouldn’t freeze or slow down noticeably, so individual computer users like you and me would have no idea that we were enslaved players in this vast criminal conspiracy, the transmission routes would change literally daily from porn sites to cheerful links or witty birthday cards and friendly pointers to interesting blog pages – anything. Those profiting would be almost impossible to catch and the entity itself, the botnet, would grow and refine itself until it became the very stuff of science fiction: the neural nets of William Gibson, Skynet in The Terminator films, the Borg collective in Star Trek, you know the genre.

We must do something surely, to stop this hellish vision from turning into a hellish reality before it’s too late? Well, my (not very surprising) kick in the teeth is this. It is already too late. Such botnets exist and one of them, the Storm botnet, has grown so fast, so terrifyingly and so cunningly, that in the last eight months it has overtaken all the others. Storm is an amalgam of millions (no one knows quite how many) of slave PCs. It sends out billions of spam messages, stock market scam mails and appears to be behind many examples of what are known as Distributed Denial of Service attacks, which for reasons of malice, politics or criminal extortion close down or threaten to close down legitimate servers by flooding them with more data traffic than they can handle. Using sci-fi sounding techniques like Fast Flux, Storm evades capture and surveillance and recent evidence leads those who know about these things to conclude that parts of it have indeed been leased or sold as ‘botkits’ to less technically savvy criminals. And yes, all the evidence points to clever young Russians coding away for big money: one nerdski will write the backdoor code in isolation from others who will be writing code for the keylogging software and the address book lifter and so on.

Storm began life early this year, but as of a couple of weeks ago it had grown into easily the biggest and most sophisticated botnet the world has seen.

But according to The Honeynet Project, Dark Reading and other reliable sites that monitor this subject, Storm is only the beginning. In a year’s time it will in all likelihood seem naïve, clumsy and harmless. Slashdot carried this headline only the other day: “There’s a new peer-to-peer based botnet emerging that could blow the notorious Storm away in size and sophistication.”

Advertisement

The big corporate players, who up until now have tended to play down the influence and power of malicious hosting (‘my dear, it sends out all the wrong signals about our industry, so discomforting, Sh!’) are starting to make squeaky noises.

It all reminds me of the AIDS epidemic of the 80s. Intense public hysteria followed by years of muffled silence. Surely we have our anti-retrovirals for HIV and our virus protection for PCs – what’s the fuss?

I’m afraid the same rules about protection in both areas can and must still apply. Don’t trust those you don’t know. Don’t have unprotected sex with someone whose status you are unsure of and don’t, don’t, don’t, click on that alluring headline, that tempting YouTube link, that interesting ad, that funny sounding birthday card or joke unless you are one hundred percent certain of its origin.

So they you are. Botnet: not a diaphanous material designed to make the buttocks look more alluring, but rather the very stuff of sci-fi nightmares. And it’s living with us now. Be vigilant, my friends.

www.darkreading.com – Doom-sayers www.honeynet.org – The good guys www.slashdot.org – ‘News for Nerds’

© Stephen Fry 2007

Absolutely unrelated

Related