
Unbeknownst to you, your computer could be a double agent, committing cybercrime as part of an internet-connected botnet. Over 2.2 million American PCs are part of some botnet, according to Microsoft.  (Source: Ubisoft)
U.S. leads the world in botnet virus infection rates

According to a new 240-page security report from Microsoft dubbed the Security Intelligence Report, America is among the most infected countries in the world when it comes to botnets.  The report uses information collected in the first half of 2010 via the Microsoft Malicious Software Removal Tool.

Over 2.2 million PCs in the U.S. are infected with a virus that makes them part of one of the internet's massive botnets.  The term "botnet" refers to a group of connected computers that can be used for ill purposes such as spamming, distributed denial of service (DDoS) attacks, and mass credit card fraud.

Brazil came in second place for most infected computers, with 550,000 botnet-infected PCs.  Per computer population, though, South Korea had the highest rate (its total number of infected machines is lower than that of the U.S. or Brazil).  In South Korea 14.6 out of 1,000 PCs are in a botnet, versus 5.2 computers out of 1,000 in the U.S.

Cliff Evans, head of security and identity at Microsoft UK, comments to BBC News, "Most people have this idea of a virus and how it used to announce itself.  Few people know about botnets."

Fewer people perhaps know about Microsoft's Malicious Software Removal Tool (MRT).  MRT is a free tool Microsoft includes with Windows XP, Windows Vista, and Windows 7.  First released in 2005, the tool is easy to run -- just go to "Start", type "run" in the search bar, and then type "mrt" (case insensitive) in the resulting popup.  The tool will then activate and be ready to scan your computer and remove many common types of malware.

Perhaps if everyone learns how to use the MRT, America can escape earning the dubious distinction of being the world's biggest botnet participant in 2011.  Given the general public's ignorance of security, that seems unlikely, though.

Despite the difficulty in getting the public to practice proper security, Microsoft is taking steps to try to win the war against botnet masters on its own.  The company recently seized control over 276 internet domains that were being used by botnet owners.  And it has beefed up the security of its most recent operating system, Windows 7, making it harder to infect new PCs.


How about education and guidance?
By stmok on 10/14/2010 5:38:01 PM , Rating: 2
I combine things in the following way under Windows XP/Vista/7...
=> MSE + Limited/Standard User + SRP or Applocker or Parental Controls + EMET 2.0

(1) MSE (Microsoft Security Essentials)
=> Scans files locally.
=> Might want to scan files manually via instead. (As that uses multiple AV engines...But has a 20MB file size limit.)

(2) Limited or Standard User
=> Can't write into Windows + Program Files directories unless you provide Administrator password.
=> Make sure you password the default Administrator level account!
=> Greatly reduce malware that needs Administrator privileges.

(3) SRP or Applocker or Parental Controls
=> SRP = Software Restriction Policy
=> These three allow one to create a whitelist for the Limited or Standard User.
=> Whitelist = "deny everything by default, except the legit apps I allow!"
=> Combined with (2) causes a Catch-22 situation for malware! (Can't run! Can't infect!)
=> Special note! Parental Controls is a lite version of SRP. It won't help with DLL injection-type malware!
=> You may want to use this as an alternative to Parental Controls:

(4) EMET 2.0
=> EMET = Enhanced Mitigation Experience Toolkit
=> "Hardens" apps like Adobe Reader or web-side apps like IE, Firefox, etc.
=> Get it here:
=> Requires .Net 2.0 framework (You can install .Net 3.5 framework instead.)

Of course, one still needs to hammer in on the issue of getting your software from legit sources (not hacked/cracked from P2P, Warez, Usenet, etc) and ignoring everything else. As well as keeping the system up-to-date. (Subscribe to MS's Security Bulletin mailing list.)

Anyway, that's how I "secure" various Windows desktop systems I'm responsible for. The good news is that all the above are free! :) (I use a mixed Windows/Linux environment. Linux for servers, network security via PacketFence, and specific workstations roles.)

Side note:
MSE's licensing conditions allow for one to use it for small businesses of up to 10 devices. (Alongside "Home Use").
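
A simplified model of the reasoning in points (2) and (3) of the comment above, added here as an example; it is not part of the original comment and not how Windows implements SRP or AppLocker. It assumes path-based allow rules only (no hash or publisher rules, no DLL rules), and all paths and the user name are constructed. The `audit` function reports any allowed location that a standard user can also write to, which is the condition that breaks the "can't run, can't infect" property.

```python
from pathlib import PureWindowsPath

def _parts(p):
    # Windows paths compare case-insensitively; split into whole components.
    return tuple(s.lower() for s in PureWindowsPath(p).parts)

def under(path, root):
    """True if path is root or lies below it, matching whole components."""
    p, r = _parts(path), _parts(root)
    return p[:len(r)] == r

def may_execute(path, allow_rules):
    """Whitelist semantics: deny by default, run only if an allow rule covers the path."""
    return any(under(path, rule) for rule in allow_rules)

def may_write(path, user_writable):
    """Standard user can create files only below directories they have write access to."""
    return any(under(path, d) for d in user_writable)

def can_infect(drop_path, allow_rules, user_writable):
    """A program running as the standard user must both write its file and execute it."""
    return may_write(drop_path, user_writable) and may_execute(drop_path, allow_rules)

def audit(allow_rules, user_writable):
    """Return (rule, writable_dir) pairs where an allowed location is user-writable."""
    return [(rule, d) for rule in allow_rules for d in user_writable
            if under(d, rule) or under(rule, d)]

# Constructed sample data (hypothetical user "alice" and directory C:\Tools).
ALLOW = [r"C:\Windows", r"C:\Program Files"]
WRITABLE = [r"C:\Users\alice"]
LOOSE_ALLOW = ALLOW + [r"C:\Tools"]
LOOSE_WRITABLE = WRITABLE + [r"C:\Tools\scratch"]

if __name__ == "__main__":
    for drop in (r"C:\Users\alice\Downloads\setup.exe", r"C:\Program Files\App\x.exe"):
        print(drop, "->", can_infect(drop, ALLOW, WRITABLE))
    print("gaps (tight policy):", audit(ALLOW, WRITABLE))
    print("gaps (loose policy):", audit(LOOSE_ALLOW, LOOSE_WRITABLE))
```
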
