Advertisement

Archive for Friday, February 19, 2010

San Francisco Corporations, agencies infiltrated by ‘botnet’

February 19, 2010

Advertisement

— Security experts have found a network of 74,000 virus-infected computers that stole information from inside corporations and government agencies.

The unusual thing about the incident is not that it happened but that it was discovered, a reminder of the dangers of connecting computers with sensitive data to the Internet.

More than 2,400 organizations, including financial institutions and energy companies and federal agencies, were infiltrated by the “botnet,” according to the NetWitness Corp. security firm, which discovered it.

NetWitness didn’t name the companies or agencies whose computers were compromised.

The Wall Street Journal said the affected companies included Merck & Co., Cardinal Health Inc., Paramount Pictures and Juniper Networks Inc. Merck and Cardinal Health said in statements Thursday that one computer in each company was among those in the botnet but no sensitive information was taken.

The other two companies didn’t return messages seeking comment Thursday.

The victims don’t appear to have been targeted, unlike the recent computer attacks on Google Inc. that prompted the Internet search leader to threaten to pull its business out of China. The case shows how online secrets can fall into the wrong hands even when criminals aren’t necessarily looking for them.

“This kind of stuff is out there, and it’s pervasive,” said Amit Yoran, CEO of NetWitness and former cybersecurity chief at the U.S. Department of Homeland Security. Parts of the botnet discovered by his firm likely are still active.

He said the network appears to be run from computers in Eastern Europe and China, but it’s not certain the perpetrators are there.

Botnets are networks of poisoned PCs that are remotely controlled by hackers and behave like their criminal robots.

The PCs are often infected when their owners visit bad Web sites or open malicious e-mail attachments.

Botnets are a major tool for cybercrime. They help criminals amass troves of stolen data that they can sell on the black market or use for their own schemes, such as yanking money from victims’ bank accounts.

Comments

Use the comment form below to begin a discussion about this content.

Commenting has been disabled for this item.