Botnets are also one cause of that unrelenting global scourge, spam: Each infected machine becomes a miniature post office, spewing out phony ads and links to booby-trapped websites that can draw even more machines into the network. Consider Rustock, a botnet that, by some estimates, enlisted as many as 2.4 million machines into its network. At its peak, it may have been sending 1.8 billion spam messages an hour, a third of global spam.
C is for China
Internet watchers still remember Jan. 12, 2010: the day Google announced that, after a serious hacking incident, the company was no longer going to play ball with the Chinese government.
It was a seismic event in the online world. Google and China were never easy bedfellows: Google’s corporate mission is to organize the world’s data and make it readily available. China, on the other hand, censors the Internet and sits behind a national filter so impermeable it’s known as the “Great Firewall.” Attempting to strike a balance, Google agreed to censor its search results, while alerting Chinese users that results were being withheld.
So when allegedly Chinese attackers gained access to some of Google’s most precious assets—reportedly including elements of its source code, and the Google-hosted e-mail accounts of political dissidents—the company stopped censoring its search results. Within months, it was blocked throughout the country.
The incident helped solidify the image of China as a digital arch-enemy in the Western consciousness: There’s hardly a cyberattack in the news that, failing to be credited to Anonymous, isn’t reported to have some Chinese involvement. A recent McAfee survey of electricity-infrastructure executives showed that China was by far their top concern. And it’s generally agreed that Beijing has adopted digital warfare as part of its military doctrine.
“China, at some point years ago, decided this was the best way it could catch up, and started seeding a lot of this activity,” says Ron Deibert, director of The Citizen Lab at the Munk School of Global Affairs.
But the Chinese hacking threat might also be overstated in the popular press. “I think it’s easy to find a bogeyman,” says Dean Turner, director of Symantec Intelligence Group’s Global Intelligence Network. “From the data we’ve seen, China consistently ranks in the top five. But so does the United States.”
In fact, Symantec’s most recent numbers for malicious activity by nation put the U.S. in first place, followed by China and India. It turns out that—surprise—countries with large populations of networked users also show more people using those networks for ill.
Nor is China monolithic. Deibert suggests that elements within the Chinese leadership are starting to realize that fostering a culture of hacking might not be a wise long-term move for a growing economic power.
Finally, tracing attacks to Chinese IP addresses doesn’t necessarily mean that the attackers are physically in China. Internet traffic can be circuitously routed to hide an attacker’s tracks; China might only have been the last stop on that path.
D is for Distributed Denial of Service
At its March convention, the New Democratic Party was supposed to elect its new leader by dinnertime, in a part-live, part-online process that would strike a one-person/one-vote blow for grassroots democracy. But something went wrong: As delegates milled about and broadcasters played for time, the result was delayed, and delayed again, until late into the evening. The party’s computers had been hit by a denial-of-service attack.
Web servers can only handle so much traffic, after which they slow to a crawl or crash. So if you want to knock a rival site off the Internet, one tactic is to just bombard it. To keep that site’s owners from simply ignoring traffic from one place, the traffic needs to come from all directions—at once.
This can be done with a botnet, where one attacker relays a signal that causes thousands of infected computers to focus their attentions on one hapless web server. Alternatively, users can voluntarily take part in a DDoS attack: Anonymous, for instance, uses a piece of software winningly called the Low Orbit Ion Cannon, which lets members voluntarily turn their computers into traffic generators.
The motive? Malice, damage, politics or money. DDoS can make a political statement, hobble a commercial rival, shut down government sites and the services they deliver, or even take pieces of networked infrastructure offline. But the real money could be in extortion: For service providers who can’t afford a disruption—think enterprise computing services, gaming networks, power grids—the mere threat of denial of service could be enough to make a target pay up. Victims don’t tend to publicize these incidents, but, in 2009, the CIA claimed that attackers had penetrated unnamed power grids, and caused at least one blackout.