Officials with the FBI claim that global law enforcement partnerships are playing a significant role in its ongoing efforts to stomp out botnets and other computer-borne crimes.
Security researchers have long maintained that one of the most significant obstacles to shutting down botnets is the distributed global nature of the individuals responsible for operating the networks of zombie PCs.
Botnets are banks of computers infected by virus programs that allow them to be secretly used to carry out many forms of electronic attacks.
The conventional wisdom has been that U.S. law enforcement officials have struggled to find the budget and manpower necessary to track down cyber-criminals operating on their own turf, let alone find a way to identify and arrest people distributing malware code or operating botnets who are based in foreign nations.
However, hot on the heels of the agency's announcement of a round of arrests of U.S.-based botnet herders and the identification of over one million machines infected by the programs, FBI officials said that international cooperation is playing an increasingly important role in helping the agency stomp out cyber-crime.
"We've been successful in building relationships with foreign law enforcement officials and have agents in 60 countries around the globe working full time on cyber-crime along with police departments and other agencies," said Shawn Henry, deputy assistant director of the Cyber Division at the FBI. "We've seen some significant developments over the last few years in that area."
While Henry admitted that the very nature of cutting-edge botnet herders can make them hard to find as perpetrators move from one bank of infected machines to another quickly to avoid detection, he said that partnerships with foreign governments in the name of fighting cyber-crime are playing a vital role in aiding the agency's ability to thwart the attacks.
"This type of crime can be committed by someone with minimal resources, sometimes using publicly available tools, which makes it a challenge to identify who is responsible, but international cooperation has allowed us to pursue these efforts in many countries, and we are also helping other nations fight operators located in the U.S. as this is a problem that goes both ways," Henry said.
Rounded up by the agency in its most recent botnet hunt were Robert Alan Soloway of Seattle, who has been tabbed as one of the nation's leading sources of botnet-driven spam e-mail, along with James C. Brewer of Arlington, Texas, who is alleged to have infected several Chicago-area hospitals with botnet programs, and Jason Michael Downey of Covington, Kentucky, who is charged with running botnets that were used to carry out so-called denial-of-service attacks.
Taking such individuals offline has become a task secondary only to fighting terrorists and spies, according to Henry, who said that the FBI's current leadership is very much focused on expanding its ability to battle cyber-criminals.
Whereas the perception within the IT security community has been that computer-based attacks are further down the agency's pecking order and that its efforts to stop such crimes lack the same financial backing as its other pursuits, Henry said that the FBI is taking the problem more seriously than ever before.