
Both the number of botnets and the size of individual botnets have quadrupled in the past 90 days, according to security researchers. Despite the sudden influx, spam and malware have not increased correspondingly, which makes the case more mysterious.
John Bambenek at the Internet Storm Center points to Shadowserver to illustrate the tremendous spate of botnet activity over the summer. Typically, when botnets increase, so do spam and new malware such as viruses and spyware.
"I imagine that the bad guys have gotten better about keeping machines owned, but there is one vector that we need to get much better about tracking and managing, and that's direct web-based malware. The timing, very roughly, coincides with when we started to see increased SQL injection attacks against webservers (mind you, this is an educated guess that SQL injections are a big part of this, not a statement of fact)."
Though malware-fighters are very adept at tracking email spam from zombie machines, Bambenek notes the difficulty of scanning the entire Internet to find malware that may have been injected deep into websites. Still, you might expect to see an increase in new viruses after the fact.
One theory has suggested the summer botnet increase is attributable to bored students being off from school. Time will tell if the botnet attacks decrease, increase or stay level as September continues.
This probably has nothing to do with it, and even if it did you could bet on a denial, but in May Colonel Charles W. Williamson III made a pretty convincing case in the Armed Forces Journal for military use of botnets as a preemptive maneuver to counter foreign cyber warfare botnets. He compares his strategy to taking out planes before they can even leave the ground.
It was around that time the Air Force was tasked with creating its Cyber Command to dominate cyberspace. Cyber Command was suspended in mid-August, due to some power-chain shakeups and standard bureaucracy. Coincidentally, the vice chief of Cyber Command was reassigned to the Pentagon this week.
Though the Air Force couldn't get Cyber Command off the ground, could it be that another branch, agency or foreign military is unleashing the flood of botnets as a test or as some kind of surveillance?
About the Author: Jason is a graduate of the University of Kentucky. He covers business, technology, and security issues.