The bots are marching on, and on, and on, as my firewall log screen is almost rolling. Yesterday and the day before, I had more warnings in one hour than I usually get in one day. The botnet was working overtime.
A botnet is a collection of computers that are running programs ( usually worms, Trojan horses) on computers that have been compromised/infected and are now under the control of someone else other than their owner. They discreetly take hold of a user’s computer on and remain hidden while they launch their malicious attacks. Typically, a botnet can range in size between 10,000 and 100,000 infected machines.
I traced back (ping) the source IP addresses in my warning log and a pattern emerged. Almost all of attempts originated in China – no surprise there. But, what is going on that all of a sudden I see this increase and is it happening all over or did my poor little computer let down it’s guard long enough to get noticed?
Tue Mar 7, Reuters, in an article titled “Cyber criminals stepping up targeted attacks”
“China is also fast turning into a major source of botnet attacks likely due to the rapid growth in broadband Internet connections there, the report said.
During the last six months of the year, botnet attacks originating in China soared 153 percent, which is 72 percentage points above the average increase, the report said.
I read an article a while back (can not remember where, sorry) that made a case supporting the idea that this problem would grow in proportion to the Chinese governments censorship of it’s citizens internet access. The more desperately the citizens wanted to find a way past government controls on access more botnets would be created. More firewall warnings and infections of Western computer systems would lead to the Western worlds blocking of Chinese IP addresses. And round and round it would go. A firewall of it’s own.
Make sure your firewall is properly set up, and, anti virus and operating systems have the latest updates installed. And, do not use your dogs name as a password for your blog.
Check your firewall security here: Shieldsup
Create a secure password here: Password Checker Mircrosoft
Live information on latest threats: DShield
Just one of the IP’s that have busy with my firewall has 383126 reports of abuse against it at one reporting service.