Combating Spyware in the Enterprise

Early hacking was mostly harmless, things like ASCII Christmas trees, funny messages, practical jokes, and later, hacked web pages. Over the past decade more malevolent code has emerged in the form of worms, Denial of Service (DOS) attacks, and Distributed DOS attacks. A few individuals used their skills for their own benefit but most individuals still followed the Hacker ethic. More recently, organized crime and unscrupulous marketing companies have generated lucrative markets for hacking4hire, clicks4hire, and other schemes for generating revenue through hacking skills. These schemes have included ransomware (holding a website or personal information hostage in exchange for cash), theft of financial account information, identity theft, storage of illegal files (e.g., child porn, stolen Intellectual Property, cyber vendettas, and theft of encryption keys. To this list governments and global corporation have added intelligence gathering, economic or industrial espionage, and information warfare.
Both phishing attacks and botnets differ from most spyware in that they can be targeted. In phishing attacks, the bait is distributed broadly but the victims self select those attacks that that apply to them. Bot herders have two opportunities for selecting targets. When collecting zombies to increase the size of their botnets, the bot herder can choose to cast their nets wide or they can target IP addresses belonging to a particular company or set of companies. Once the zombies are in place, the bot herder can direct the bot clients to attack a single target or a class of designated targets. In clicks4hire schemes, the...