Experts concur botnets are a ‘pandemic’

The explosion in digital media and the mushrooming of e-crime is again under the spotlight as a host of technology experts warn that criminals controlling millions of personal computers are threatening the future of the internet.

Hamadoun Toure, secretary general of the International Telecommunication Union, said the fight against botnets was a “war” that could only be won if all parties – regulators, governments, telecoms firms, computer users and hardware and software makers – worked together.

Botnets are made up of a large number of compromised machines infected with a malicious code controlled by an operator who can issue commands leading to Trojan virus programmes, spam, malware, online fraud schemes or, more often, denial of service attacks.

The panel of leading experts was discussing the future of the internet at the World Economic Forum in Davos.

Up to a quarter of computers on the net may be used by cyber criminals in so-called botnets, said Vint Cerf, one of the fathers of the internet. Mr Cerf, who is one of the co-developers of the TCP/IP standard that underlies all internet traffic and now works for Google, likened the spread of botnets to a “pandemic”.

Mr Cerf said that of the 600 million computers currently on the internet, between 100 and 150 million were already part of a criminally operated botnet.

His fears were echoed by technology writer John Markoff. “It’s as bad as you can imagine, it puts the whole internet at risk,” he said.

Mr Markoff, who writes for the New York Times, said that a single botnet at one point used up about 15 per cent of Yahoo’s search capacity. He told the panel how the botnet was commanded to retrieve text snippets to camouflage messages so that its spam e-mail could overcome spam filters.

The expert panel, among them Michael Dell, founder of Dell computers, agreed that a solution had to be found to ensure the survival of the web.

However, members were unsure about feasible solutions, even though operating systems and authentication were raised as key issues.

Several panel members concluded that it is still overly easy for net criminals to hide their tracks. It was raised, however, that it is probably not desirable that every individual was definitively identifiable.

“Anonymity has its value, and it has its risk,” said Professor Jonathan Zittrain, internet governance at the University of Oxford.

Microsoft Vista was again a subject of debate when the experts agreed the new system still made it too easy for criminals to infiltrate. Pirated copies of Vista have been circulated in China, ahead of the scheduled Vista launch this week. Mr Markoff added that about 50 per cent of all pirated Windows programmes came with Trojans pre-installed on them.

Mr Dell said the future might bring “disposable virtual PCs”, accessed through the internet, which would minimise the threat of a persistent virus infection.

Microsoft has however, despite their continued received criticism for software insecurity, underlined that the Home Office is not taking cybercrime and related fraud seriously enough.

The software giant says that cybercrime reporting mechanisms in the UK have been inadequate, since the closure of the National Hi-Tech Crime Unit. Microsoft’s critique has been submitted to the House of Lords Science and Technology Committee inquiry into internet security.

According to the company, improving online security requires a “multi-pronged approach including consumer education, technological practices, and improvements and legal enforcement”.

Tim Bishop, Labour MP, said the report is a diplomatic way of saying the Home Office “is not interested in cybercrime” and “has no idea of the scale of the problem”.

The report states: “In the UK, one issue that needs addressing is the problem that cybercrime and related fraud are not presently priority indicators for the police as set by the Home Office.

“With the changes