We interrupt your surfing to bring you an important message. Close your firewall ports! Update your antivirus! Train your end-users!

Although the title of this installment of my series on the Top Ten Cyber Menaces for 2008 may seem humorous, this is a very serious cyber security issue. As I stated in Part 1 of this series, my goal is to raise awareness and to focus on the business impact of the CMW (Cyberspace Most Wanted) threats.

A bot is a hacker attack tool that can be used to do anything you can do with a computer. They have been documented to spread as a worm from machine to machine, opening back door access to infected machines or planting code that can be activated later by a hacker called a "bot herder". Bot infections are very difficult to detect because they do not normally adversely affect the systems they infect. Bots on infected machines around the Internet can be linked together into massive "bot networks (botnet)". The danger lies in the potential for a hacker to use a botnet to highjack thousands of Internet computers and use them - like a great zombie army - for malicious purposes, such as a coordinated denial of service attack. The tools can also be used to search for stored passwords and other data on computers, such as credit card and social security numbers.

Security experts say it is difficult to predict how serious the potential bot threat is because it is hard to gauge how many Internet-connected machines are infected. Some botnets could be made up of anywhere from 10,000 to 400,000 machines.

The situation is further obscured by the fact that there are numerous variants of individual bots. According to security experts McAfee, there are 1,200 variants of Gaobot, more than 50 variants of Phatbot, and more than 900 of Agobot. Different bot variants may carry different payloads and be used for different purposes.

Systems under the control of a bot herder are used to:

	Conduct Spamming Campaigns
	Conduct Phishing Campaigns
	Harvest identity information
	Perform denial-of-service (DOS) and distributed denial-of-service attacks (DDOS)
	Infect other systems
	Distribute Malware and Crimeware
	Steal data from compromised systems and networks
	Conceal the activities of hackers
	Conduct "Clicks4Hire" campaigns
	Deploy key loggers that record every keystroke on the infected computer

Botnets are a major weapon used by the bad guys to make cyberspace unsafe. There are many solutions and best practices available for small and medium sized businesses to lessen the risks of a botnet infection. There is a direct link between surfing the Internet and increasing your chances of your CPU being "snatched"! In Part 1 of this series, I discuss how cyber criminals are exploiting vulnerabilities in trusted websites to embed malware that infects users as they innocently browse these sites. Although there are some typical signs that your computer may be part of a botnet, detecting and cleaning botnets at the desktop is not a feasible solution to the problem because they are often too difficult to detect. It seems that the best defense against botnets is to protect your systems by defending the attacking entry points. Implement products like secure web gateways, intrusion detection and prevention, network antivirus and URL filters that prevent infection.