BBC team exposes cyber crime risk

Software used to control thousands of home computers has been acquired online by the BBC as part of an investigation into global cyber crime.

The technology programme Click has demonstrated just how at risk PCs are of being taken over by hackers.

Almost 22,000 computers made up Click's network of hijacked machines, which has now been disabled.

The BBC has now warned users that their PCs are infected, and advised them on how to make their systems more secure.

Concerted attack

Click managed to acquire its own low-value botnet - the name given to a network of hijacked computers - after visiting chatrooms on the internet.

The programme did not access any personal information on the infected PCs.

If this exercise had been done with criminal intent it would be breaking the law.

But our purpose was to demonstrate botnets' collective power when in the hands of criminals.

Click ordered its PCs to send out spam to two specific test e-mail addresses set up by the programme.

Cyber gangs use botnets to support crimes such as fraud and theft

Within hours, the inboxes started to fill up with thousands of junk messages.

But a botnet can also be used to launch a concerted attack on commercial websites to take them out of action.

Hefty ransom

By prior agreement, Click launched a Distributed Denial of Service (DDoS) attack on a backup site owned by security company Prevx.

Click then ordered its slave PCs to bombard its target site with requests for access to make it inaccessible.

Amazingly, it took only 60 machines to overload the site's bandwidth.

DDoS attacks are used by extortionists who threaten to knock a site offline unless a hefty ransom is paid.

Jacques Erasmus from Prevx said that high-traffic websites with big revenues are a "massive target" for this kind of attack.

"Cyber criminals are getting into contact with websites and threatening them with DDoS attacks.

"The loss of trade is very substantial so a lot of these websites just pay-up to avoid it," he explained.

Evolving threat

Click has now destroyed its botnet, and no longer controls any hijacked machines.

However, the owners of unprotected PCs have been made aware that they are vulnerable to future attacks.

How a botnet works In graphics

In addition, Click advised them on what steps to take to make their systems more secure. Most computers have protection systems that need to be switched on and kept updated to protect them against the evolving threat from hackers.

Machines can be compromised simply by visiting an infected web page or opening an e-mail containing a virus as an attachment.

'Very professional'

Hackers exploit unprotected computers for valuable data such as banking and credit card details.

Criminals use botnets to send out thousands of spam messages, store stolen data, and fraud.

For instance, "phishing" e-mails which attempt to trick people into revealing their bank details are often routed through a botnet.

Users are normally unaware that their PCs are being controlled remotely by cyber criminals because there are almost no symptoms.

Greg Day from security firm McAfee explained that the people who control botnets are "very skilled professionals."

"We've seen this move from what used to be a hobbyist bit of fun into something now that is very professional," he said.

Hackers are keen to recruit new PCs to a botnet to create a resource that they sell or hire out to other cyber criminals.

But some networks of hijacked computers are of "much more value" than others, according to Mr Erasmus.

"Computers from the US and the UK go for about $350 to $400 (£254-£290) for 1,000 because they've got much more financial details, like online banking passwords and credit cards details," he said.

This report will be broadcast in this week's edition of Click on Saturday 14 March at 1130 GMT on the BBC News Channel.

E-mail this to a friend

Printable version