With each passing day, security reports, including Cisco's, describe computers being used in botnet attacks. Each computer is infected with malware without its owner's knowledge and is controlled by remote unseen hands, foreign or domestic, with little to no care for the computer's owner. Simply put, the computer is no longer exclusively under the owner's control; nor are the owner's data and privacy. Unchecked, botnets grow in variety, frequency, complexity, and capability.
Traditionally, dynamic teams, composed of private citizens and law enforcement, devise ways to contain the effects of a botnet and, if possible, shut it down in some way, such as:
- Releasing signatures to anti-virus vendors in the hopes that AV will clean some of the infected machines
- Disrupting the Command and Control channel, so that the infected computers are no longer receiving instructions
- Just attempting to stay one step ahead of the malware through DNS, detection, or blocking access lists
In nearly every circumstance, new approaches are developed to keep the botnet variants from succeeding.
Add another creative approach to the mix, one based in the rule of law.