Botnet Hunters in Closed-Doors Redmond SummitBy Ryan Naraine | Posted 2007-01-22 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Microsoft is hosting an invite-only powwow to discuss the escalating threat from zombie botnets and zero-day malware attacks.
Faced with arguably its biggest security crisis since the 2003 network worm attacks, Microsoft is throwing its support behind a high-level powwow to discuss the escalating threat from zombie botnets and zero-day malware attacks.
The software maker is rolling out the red carpet for the world's top security research professionals attending a closed-doors workshop at its Redmond, Wash., headquarters on Jan. 25 and 26.
The summit is being called to brainstorm the growing sophistication of botmaster operational tactics and the use of vulnerabilities and zero-day exploits in the wild.
The invite-only attendees, drawn from the biggest names in the anti-virus and Internet security space, will spend the two days talking about the advancements in spyware and phishing gangs that use botnets for online crime.
A botnet is a collection of broadband-enabled PCs, hijacked during virus and worm attacks and seeded with software that connects back to a server to receive communications from a remote attacker. In 2005 and 2006, the botnet threat exploded on the Windows platform as users struggled to deal with clever social engineering attacks.
According to statistics from Symantec, in Cupertino, Calif., an average of 57,000 active bots (individual compromised machines) was observed per day over the first six months of 2006. The botnets, which are easy to create and maintain, serve as the key hub for well-organized crime rings around the globe, using stolen bandwidth to make money from spam, spyware installations and identity theft attacks.
Microsoft has acknowledged that bots and Trojans present the biggest threat to Windows users and, with the recent surge in zero-day attacks targeting unpatched flaws in its software, the company's interest in the topic could not have come at a better time.
On the opening day of the summit, two Microsoft representatives will actively participate in the discussion around zero-day malware attacks. Greg Galford, a security architect in Redmond's Security Technology Unit, will present a case study on the way the MSRC (Microsoft Security Response Center) responds to zero-day exploits while Ziv Mador, a member of Microsoft's anti-malware team, will share details on zero-day exploits in 2006.
Galford will also appear on a panel discussion on how to plan for Internet-wide zero-day threats, while MSRC manager Mike Reavey is also listed as a speaker.
Also on tap to present is Jerry Dixon, manager of the U.S. government's CERT (Computer Emergency Response Team), who will talk about the changing nature of cyber attacks. Alex Shipp, anti-virus technologist at MessageLabs, will provide a bird's-eye view of targeted Trojan attacks, and Jose Nazario, senior software engineer at Arbor Networks, will discuss the link between massive botnets and DDoS (distributed denial-of-service) attacks.