Broadband News
News, views and analysis
UK Government PCs amongst millions caught in global botnet
22 Apr 2009 | 18.00 Europe/London
Cyber criminals have taken over almost two million PCs in a worldwide botnet - the name for a network of remotely controlled computers - including machines owned by the UK and US governments. The hackers, who've been traced back to the Ukraine, have been selling control of machines for between $50 and $100 in a Russian online forum.
Security experts Finjan say it's one of the largest and most sophisticated botnets ever uncovered. "When we look at a similar network last year they were in the hundreds of thousands. Now we're looking at mega-size botnets," their chief technology officer, Yuval Ben-Itzhak, told the BBC.
The criminals have been exploiting security holes in browsers like Internet Explorer and Firefox, forcing PCs to download the malicious software that enslaved them. That gave the hackers the ability to take screen shots, capture keystrokes and read emails.
It's the second time in a year that British Government PCs have been caught in a botnet, with six departments hit this time round. The Cabinet Office, which has the job of setting IT standards across the government, refuses to comment on the attacks for "security reasons." "It is Government policy neither to confirm nor deny if an individual organisation has been the subject of an attack nor to speculate on the origins or success of such attacks," a spokesman told the BBC. "We constantly monitor new and existing risks and work to minimise their impact by alerting departments and giving them advice and guidance on dealing with the threat."
Almost half the computers infected are in the United States. “With this many computers affected, everyone was there on the list - the US Federal government, big universities, very large public companies,” Finjan's Mr. Ben-Itzhak said in a statement.
The security firm have now handed the details of their discovery over to London's Metropolitan Police; as yet, the criminals behind it haven't been caught. "This is an ongoing investigation," a Met spokeswoman said. "We are aware of this botnet and are taking appropriate action."
[ BBC ]
Security experts Finjan say it's one of the largest and most sophisticated botnets ever uncovered. "When we look at a similar network last year they were in the hundreds of thousands. Now we're looking at mega-size botnets," their chief technology officer, Yuval Ben-Itzhak, told the BBC.
The criminals have been exploiting security holes in browsers like Internet Explorer and Firefox, forcing PCs to download the malicious software that enslaved them. That gave the hackers the ability to take screen shots, capture keystrokes and read emails.
It's the second time in a year that British Government PCs have been caught in a botnet, with six departments hit this time round. The Cabinet Office, which has the job of setting IT standards across the government, refuses to comment on the attacks for "security reasons." "It is Government policy neither to confirm nor deny if an individual organisation has been the subject of an attack nor to speculate on the origins or success of such attacks," a spokesman told the BBC. "We constantly monitor new and existing risks and work to minimise their impact by alerting departments and giving them advice and guidance on dealing with the threat."
Almost half the computers infected are in the United States. “With this many computers affected, everyone was there on the list - the US Federal government, big universities, very large public companies,” Finjan's Mr. Ben-Itzhak said in a statement.
The security firm have now handed the details of their discovery over to London's Metropolitan Police; as yet, the criminals behind it haven't been caught. "This is an ongoing investigation," a Met spokeswoman said. "We are aware of this botnet and are taking appropriate action."
[ BBC ]