Yesterday I was enjoying BBC Click as per-usual on a Sunday but was somewhat surprised by the Contents of the show which has compelled me to write a little about it.
Spencer Kelly used underground forums to purchase a BotNet containing 22,000 PC’s for $2500 (from memory).
Once logged into the admin interface for the BotNet he goes through all the options showing how easy it is to control. Walking the audience through how to spam a Mailing List and execute a DDOS attack on a website (which they did). Effectively broadcasting a tutorial on how to a denial of service attack or spam, it certainly opened my eyes. Madness! Perhaps next week they’ll visit a Arms Dealer and teach everyone how to make a bomb.
It was a really interesting show however I tend to look at things from a different angle, sure a few PC’s might now be more secure. But how many people are sat thinking about how much money they could make spamming? Or whether they could take a competitors site out for a week, getting it knocked out of Google. It could have done more harm than good.
Not to mention – Is it even Legal for them to be using a BotNet? Regardless of whether there was malicious intent. They still accessed 22,000 computers without the permission of the owners.
Watch the show here: http://news.bbc.co.uk/1/hi/programmes/click_online/7932816.stm