Storm Worm Botnet More Powerful Than Top Supercomputers

Sharon Gaudin, | September 6

Information Week - The Storm worm botnet has grown so massive and far-reaching that it easily overpowers the world's top supercomputers.

That's the latest word from security researchers who are tracking the burgeoning network of Microsoft Windows machines that have been compromised by the virulent Storm worm, which has pounded the Internet non-stop for the past three months. Despite the wide ranging estimates as to the size of the botnet, researchers tend to agree that it's one of the largest zombie grids they've ever seen -- one capable of doing great damage.

"In terms of power, [the botnet] utterly blows the supercomputers away," said Matt Sergeant, chief anti-spam technologist with MessageLabs, in an interview. "If you add up all 500 of the top supercomputers, it blows them all away with just 2 million of its machines. It's very frightening that criminals have access to that much computing power, but there's not much we can do about it."

Sergeant said researchers at MessageLabs see about 2 million different computers in the botnet sending out spam on any given day, and he adds that he estimates the botnet generally is operating at about 10% of capacity. "We've seen spikes where the owner is experimenting with something and those spikes are usually five to 10 times what we normally see," he said, noting he suspects the botnet could be as large as 50 million computers. "That means they can turn on the taps whenever they want to."

No one could provide detailed and specific comparisons between the strength of the botnet and the top supercomputers, mainly because it is hard to know for sure the size of the botnet or the power of each computer that is part of the botnet.

Adam Swidler, a senior manager with security company Postini, told InformationWeek that while he thinks the botnet is in the 1 million to 2 million range, he still thinks it can easily overpower a major supercomputer. "If you calculate pure theoretical throughput, then I'm sure the botnet has more capacity than [IBM's] BlueGene. If you sat them down to play chess, the botnet would win."

More here

Petronius September 6, 2007 - 10:07pm

printer friendly version |

( categories: News | Technology )

not being a computer savvy person,

all i can say is, 'wow!' thanks for the update. i'd, um, never heard of botnet.

chicago dyke September 7, 2007 - 10:50am

It's fortunate...

...that for the time being, the focus of the botnet is scattered across a number of targets.

Imagine if they were directed at all the seed servers for DNS....they could bring down the Internet, by making it impossible for a computers to resolve/find other hosts on the net.

As much as I am in favour of free use of the Internet, either we in the industry have to redesign and reimplement much more restrictive and/or paranoid network protocols (to make this sort of activity impossible), or find the perpetrators and keep them away from computers.

-5.75,-4.05 Rule of the Great:
When people you greatly admire appear to be thinking deep
thoughts, they probably are thinking about lunch.

justadood September 7, 2007 - 1:40pm

Exactly

Just as many of our operating system designs never envisioned attacks coming in from over the net, the internet was not designed for a hostile environment.

Redesign is clearly indicated--in both cases.

Similarly, I think it odd that mobile phones are tarrifed based on the number of minutes in use, while broadband connections are charged per-month regardless of bandwidth utilized.

Might it make sense to charge on the basis of bytes transferred? It would certainly give the carriers an incentive to kick the bandwidth of their service up. It would also give one a valid reason to sue spammers, as unwanted email then becomes a real expense.

Petronius September 7, 2007 - 3:05pm

Consumers and businesses

Consumers and businesses want fixed costs. All such services start out with variable-cost offerings and quickly switch to fixed-cost products. Mobile phones are moving to this model: MetroPCS is a local company to San Francisco and environs that does fixed-price per month with various $1-2 dollar monthly addons for text messages, pictures, etc. That is, you pay the $1/month or you get no text messages.

Unforch they have the worst coverage...

Forget it, Jake - it's AmnesiaTown

Tonsure Wimple September 8, 2007 - 1:03am

Um, the network would be a whole lot safer...

...if it weren't a fucking MS monoculture.

GordonMcMillan September 8, 2007 - 7:51pm

Doubt it, or rather who cares

Internet 2 that totally secure closed Internet for the truely elite who matter keeps them totally safe.

I used to be vehemently upset about net neutrality but like most things unrestrained capitalism turns good things into bad. The perception here is that the "services" they want to bring you come in the form of dippy/propaganda laden video streaming. I always say 3000 channels and there is nothing on.
Our bandwidth on the other hand is most likely an artificial limit rather than a technical one. The only reason they put up with it? It is a data miner's paradise.

Lasthorseman September 7, 2007 - 6:20pm

Roll with the punches

Clearly we should hire it out for protein folding simulations. Get with the future, folks. It's like graffiti: you can whine or you can appreciate the artistry.

Forget it, Jake - it's AmnesiaTown

Tonsure Wimple September 8, 2007 - 1:05am

It would certainly be a way

to obtain enough processing power for even the most discerning needs.

It's one of the reasons I was uninterested in running those "donate your unused cycles to the search for alien intellience" screensavers. One never really knows how they got put to use.

"The best-informed man is not necessarily the wisest. Indeed there is a danger that precisely in the multiplicity of his knowledge he will lose sight of what is essential."

- Dietrich Bonhoeffer

Escher Sketch September 8, 2007 - 1:35am

Primer

http://www.cs.berkeley.edu/~nmani/cs267/asst0.html

http://mauberly.blogspot.com/

mauberly September 8, 2007 - 2:01pm

I was going to apologize for bomb-throwing, but it seems y'all got it.

I'm interested in the cross-border aspect of this: how many Chinese PC's can they control? Seems like they could be an effective propaganda machine, which makes them very interesting to the intel community.

Tonsure Wimple September 9, 2007 - 11:40pm

I guess my question would be...

...how complete is the control over the computers that make up these bot-nets? Isn't there quite a difference in the level of control required to get a computer to throw an endless stream of packets at a particular address and the level required to do actual useful computation?

"The spectacle of this great nation which does not know its own mind is as humiliating as it is dangerous." ~ Walter Lippmann

JustPlainDave September 9, 2007 - 11:46pm

ISPs turn blind eye to million-machine malware monster

Dan Goodin | San Francisco | Sept. 10

The Register - Talk to anyone who makes a living sniffing out online fraud, and you'll hear the same story over and over. Researcher uncovers the source of a massive amount of spam, identifies an IP address that is part of a botnet or stumbles upon a phishing site that's spoofing a trusted online brand. Researcher dutifully reports the incident to the internet service provider whose network is being used, only to find the bad behavior continues unabated for days, weeks and even months.

A lack of engagement from ISPs is nothing new, but it has continued even as the malware scourge makes steady gains.

No one really knows exactly how many infected PCs are out there, but just about everyone agrees the number is high and growing. Accepting even conservative estimates that 10 percent of machines are part of a botnet means that tens of millions of systems are actively sending spam, launching denial-of-service attacks, and spewing all sorts of other malicious traffic across networks owned by the world's biggest ISPs.

more

Rick September 10, 2007 - 9:02am

Search

latest

User login

Navigation

Team Agonist

Thoughtful

Global

Timely

Who's online

Online users:

Syndicate

Storm Worm Botnet More Powerful Than Top Supercomputers

Comment viewing options