Storm Warning: Botnet Gearing Up To Attack Defenders

The Storm worm, a massive botnet that its developers have been amassing over the last several months, is starting to attack computers that have been set up to defend against it. The botnet is set up to launch a distributed denial of service (DDoS) attack against any computer that is scanning a network for vulnerabilities or malware, IW reported.

The worm is now considered powerful enough to "easily" overpower the fastest supercomputers, IW reported.

REN-ISAC, a collaboration of higher-education security researchers based at Indiana University, last month issued a warning to about 200 of its member educational institutions and then put out a much broader alert, warning colleges and universities that their networks could come under heavy attack.

The warning noted that researchers have seen "numerous" Storm-related DDoS attacks recently. As the new school year gets underway, REN-ISAC is advising security professionals that the new attack "represents a significant risk" for the educational sector, REN-ISAC technical director Doug Pearson told IW.

When the scanner hits an infected computer that is part of the Storm botnet, the rest of the botnet directs a distributed denial of service attack back against the computer running the scan, Pearson said in an interview with IW. The attacks can last more than a day, and can involve "very significant" traffic.

"It's a new behavior for a botnet," said Pearson. "It's acting in a defensive manner. It is a little [scary], isn't it?"

Read More:

About the Author

Paul McCloskey is contributing editor of Syllabus.

Featured