Home / Blogs

Wall Street Bailout: Could Learn a Thing or Two From Botnets

Terry Zink

Well, at this point, the government is well on its way to bailing out Wall Street from its own incompetence, putting taxpayers on the hook for $700 billion. The worst part is that as Treasury Secretary Hank Paulson puts it, "You're worried about taxpayers being on the hook? Well, guess what? They're already on the hook!" I read that and said "Aw, crap..."

Anyhow, Wall Street should maybe learn something from botnet operators. For you see, botnets are not just for sending spam anymore. The bots have diversified their holdings:

  • Sending spam - botnets curse and plague us with piles of spam in our inboxes every single day. Spamming is big business and by randomizing the location of where the mail is coming from, spammers can evade reputation filters for a little while.
  • Signing up for webmail accounts - Google, Yahoo and Hotmail all have problems with spammers creating free accounts, sending spam and avoiding each other's reputation filters. The thing is, it's bots that are creating these free webmail accounts. So instead of sending spam directly, these bots are doing automated account creation and using a loophole to send spam — that of evading a reputation filter by hijacking someone else's.
  • Creating landing pages - Not only do bots sign up for email accounts, they sign up and create landing pages, like a spammy Live Spaces account or Google Blogspot account. They break the CAPTCHA's these services have and create the landing pages so that when they do eventually spam, these spam messages have links to free web pages. Again, it's reputation hijacking.
  • Other nefarious purposes - There are other things that bots do, like engage in cyber-warfare against nations (this happened to Estonia in 2007), DDOS attacks, and so forth. In other words, bots are used for things other than sending spam.

My whole point in this is that botnet operators have diversified. They are not just for sending spam so taking out one particular activity doesn't necessarily take them out of the game.

Contrast this with Wall Street. Clearly, they made some bad investments. Really bad, like $700 billion worth. Perhaps if they diversified their holdings a bit and didn't overload in one particular area (like subprime mortgages) they/we wouldn't be in this mess.

Botnet operators may be evil, but they aren't stupid.

By Terry Zink, Program Manager
Follow CircleID on
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.

Related

Topics

Cybersecurity

Sponsored byVerisign

Whois

Sponsored byWhoisXML API

New TLDs

Sponsored byAfilias

Domain Names

Sponsored byVerisign

DNS Security

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC

Cybercrime

Sponsored byThreat Intelligence Platform