 |
| A US hacker who took remote control of zombie
computers to launch a distributed denial-of-service attack has
received a five year sentence. |
Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have warned
that different countries' approach to sentencing hackers and virus
writers is sending out a dangerous message to future potential
criminals.
On 12 August, US teenager Jasmine Singh was sentenced to five years
juvenile detention for launching distributed denial-of-service
(DDoS) attacks against online sportswear retailers that cost the
companies more than $1.5 million. Singh used a virus to infect and
control innocent computers around the world, forcing them to
bombard the websites with data to blast them offline. The US
authorities determined that Singh had been hired by rival website
owner Jason Arabo, an 18-year-old from Michigan, to launch the
attacks.
"Singh's detention has to be welcomed, and it sends out a strong
message to other young people not to engage in this kind of
criminal activity," said Graham Cluley, senior
technology consultant for Sophos. "However, there is a danger that
different countries are sending out a mixed message regarding
cybercrime. Earlier this year the German teenage author of the
hard-hitting Sasser and Netsky worms which affected thousands of
businesses worldwide received a punishment of only 30 hours
community service. There's a danger that if unless all countries
agree to act tough against hackers that they will only cause the
problem to become worse."
In 2001, Sophos revealed that the author of the infamous Anna
Kournikova worm had escaped with a sentence of just 150 hours community
service, whereas a year later David L Smith, creator of the
Melissa worm, was sent to jail for 20
months.
Zombie computers - are your PCs under someone else's
control?
Zombie computers can be used by criminal hackers to launch
distributed denial-of-service attacks, spread spam messages or to
steal confidential information. SophosLabs estimates that more than
50 percent of all spam today originates from zombie computers. In
May, the Sober-Q Trojan horse and Sober-N worm worked in tandem to infect
and hijack computers around the world, programming them to spew out
German nationalistic spam during an election.
As spammers become more aggressive, collaborating with virus
writers to create armies of zombie computers, legitimate
organizations with hijacked computers are being identified as a
source of spam. This not only harms the organization's reputation,
but can also cause the company's email to be blocked by others.
Sophos ZombieAlertâ„¢
advises service subscribers when any computer on their network is
found to have sent spam to Sophos's extensive global network of
spam traps, and provides rapid notification to customers if their
Internet Protocol (IP) addresses are listed in public Domain Name
Server Block Lists (DNSBL). This information helps customers
locate, disinfect, and protect these systems from future
attacks.
Sophos continues to recommend that computer users ensure their
anti-virus software is up-to-date, and that companies protect
themselves with a consolidated solution
that defends against the threat of spyware, spam and viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.