Abstract
This chapter addresses how botnet infrastructure could be exploited for national security and cybercrime purposes. Cyber threats, including botnets, represent a fast-developing international issue that is facilitated by the low awareness of end-users, by differences in national legal and policy approaches to cyber security, and by the lack of attention to security in companies providing Internet services. Botnets are used by criminals to reap economic gains as well as for politically motivated activities. Although many efforts have been made recently to mitigate botnets, they are likely to re-emerge at a new level of sophistication and organisation. Botnet activity will also move away from developed countries and spread further into emerging markets and developing countries. The study approaches the subject as a public policy issue and analyses the phenomenon of botnets from national security, law enforcement and regulatory policy perspectives. It also offers recommendations for policy-makers on different public policy responses to fight botnets effectively, and highlights the need for international response mechanisms. To address cyber threats successfully, law enforcement capacity building and criminal justice should be strengthened globally, with a special focus on fast-growing emerging economies.
Notes
1. See the Grum botnet case in earlier section, for instance.
2. Although Estonia did limit Internet connectivity at the peak of attacks on 8–9 May, the connection was never cut off entirely, and the Internet always worked inside Estonia. The Internet architecture in Estonia allows connectivity to the outside world to be limited while maintaining the functionality of online services inside the country. In order to allow Estonian citizens to conduct their everyday online business, the method of limiting connectivity with the rest of the world was used as a last resort for a few days during the cyber attacks.
3. International law enforcement cooperation was very good during and after the event; only one country, which has also not joined a major international cyber convention, the Council of Europe Convention for Cybercrime, declined the international obligation under the Mutual Legal Assistance Treaty to investigate the cyber attacks organised from its territory.
4. The Law of Armed Conflicts and International Humanitarian Law regulate when the use of force in armed conflicts has occurred and which principles apply when using force.
5. Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on Critical Information Infrastructure Protection—Protecting Europe from large scale cyber-attacks and disruptions: enhancing preparedness, security and resilience {SEC(2009) 399} {SEC(2009) 400}, COM/2009/0149 final.
© 2013 The Author(s)
Cite this chapter
Tiirmaa-Klaar, H., Gassen, J., Gerhards-Padilla, E., Martini, P. (2013). Botnets, Cybercrime and National Security. In: Botnets. SpringerBriefs in Cybersecurity. Springer, London. https://doi.org/10.1007/978-1-4471-5216-3_1
DOI: https://doi.org/10.1007/978-1-4471-5216-3_1
Publisher Name: Springer, London
Print ISBN: 978-1-4471-5215-6
Online ISBN: 978-1-4471-5216-3
eBook Packages: Computer Science, Computer Science (R0)