Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Here’s a new stat for the data-ravenous tech industry: $100 per hour. No, its not the new wage programmers charge for their services. Rather, it’s the average going rate for your computers resources, sold without your knowledge in shadowy underground markets, according to Vincent Weafer, senior director of Symantecs security response team.

Weafer is speaking of  bot networks, ad-hoc clusters of several thousands computers that, unbeknownst to the user, are being deployed toward some nefarious end. Bot nets originate when a user unwittingly downloads a Trojan horse program containing malicious code. Sometimes the code gets onto a users computer when the user clicks on an e-mail attachment. Other times it’s embedded in a virus, and other times it’s masked as a different program and downloaded through peer-to-peer networks or IRC channels. According to a semi-annual report released by Symantec this week, these bot nets are growing at an incredible rate. Last year, Symantec saw about 2,000 machines per day recruited into these bot armies. In its new report, that figure had grown to 30,000. An unprotected machine will typically be attacked within 20 minutes of being put on the Internet, according to Weafer. “The fastest we’ve seen was a machine taken over six seconds after it was connected to the Web,” he says.

The code typically lies fallow until its perpetrator calls it and its thousands of brethren to action. The perpetrator sends out code that any infected computer (also known as a zombie) connected to the Internet will understand; the zombie PC awakens, awaiting its next command. Bot nets have been used to conduct distributed denial-of-service (DDoS) attacks on high-profile websites, to serve up spam advertising, or whatever the issuer decides he or she wants to do with the computing power of thousands of machines. The SCO Group, a controversial Utah-based company that has angered much of the computing community with its lawsuits against companies running Linux, found itself attacked last year and then again earlier this year. In February, the FBI broke up a bot net ring in which the CEO of a small Ohio-based Internet service provider called CIT/Foonet had allegedly paid hackers to conduct bot network-based attacks on his business rivals. The attacks cost his rivals $2 million and the CEO is now a fugitive. Just within the last week and a half,, a credit-card processing company, fell victim to a coordinated attack that angered the firm’s customers and did untold financial damage.

Bot networks are the biggest problem on the Internet right now, says Johannes Ullrich, chief technology officer for the SANS Institute’s Internet Storm Center, a leading watchdog organization that monitors Internet security threats. One of the reasons these bot nets rile network administrators so greatly, says Ullrich, is that the bot writers craft their code in such a way that its very difficult for anti-virus software to detect it.

0 comments about this story. Start the discussion »

Tagged: Computing

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me