Thursday, January 15, 2009

The Indian Broadband Consumer and the Vicious Circle of Insecurity

This article was the result of a trip to my grandmother's house in Mysore (a small city in Karnataka, South India). My granny recently took to computers and the internet and has been hooked ever since. She never forgets to send all of us a large number of e-greetings for every festival or for any other momentous occasion like birthdays and anniversaries. She keeps in touch with my uncle, who lives in the US, and is now looking at having an online banking account, which will make things very, very easy for her. She has got a laptop and a Wifi connection at home. Some friends in that small neighbourhood in Mysore also have the same tools. They use these gizmos to keep in touch with family, and pretty much do the same things my granny does.

It was a Saturday when we got there and I opened up my laptop to check my mail and do some other "cloud based" activities. Her Wifi was on. It was WEP enabled and it took me all of 2 minutes to crack the WEP key. When I cracked and read her WEP key, I began to think horrible thoughts. I had visions of bots, paralyzed networks, stolen identities and ladies like my granny being named as attackers in an online banking fraud scheme. Let me just break some of these visions down for you.

First, some statistics. India has seen a phenomenal increase in broadband penetration. It is currently ranked 18 in the list of countries with the highest broadband penetration and will take a giant leap to rank 6 in the same list in 3 years' time. The growth rate for broadband in India is likely to be a whopping 489%, which is double the second-largest growing market, Vietnam, which is 276%.

Secondly, Wifi has also taken off in a big way. People are waking up to the fact that Wifi is an extremely convenient way to connect to a network or to the internet. I can attest to this fact, because my granny's neighbourhood in Mysore has around 50 homes and almost all of them have broadband internet and wireless routers.

Laptop sales have also been growing at a scorching pace in the country. India registered a 114% growth in laptop sales with 1.8 million units getting sold in '08. According to India's Manufacturers Association for Information Technology (MAIT), laptops account for 25 percent of the total PC market in 2007-2008, shooting up from less than 3 percent in 2004.

So, as you can see, as tech costs are being driven down, these technologies are in everyone's reach and it is great. The world should be able to harness the power of computers and the internet in all its glory. But once again, as always, with great power come some serious security issues.

I am sure some of you are aware of the concept of bots. Nevertheless, I shall explain. Wikipedia defines bots like so: "Internet bots, also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet. Typically, bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human alone. The largest use of bots is in web spidering, in which an automated script fetches, analyses and files information from web servers at many times the speed of a human."

Bots are used heavily for malicious purposes. eBay sued a bunch of third party bot makers that were scrounging around eBay and making repetitive bids for products at low prices, but once the lawsuit became public knowledge, eBay had to deal with hundreds more of such bots. A botnet is a group of compromised computers which have been overrun by bots sent by a bot-herder. The bot-herder may compromise your computer in a variety of ways, like viruses, trojans, backdoors or even through an Instant Messaging Application. Once the bot is in your machine, your machine has become a zombie and does the bidding of the bot-herder. The bot-herder may use your machine for anything.

Let me just give you an example. In 2007 there was a bot called the "Storm worm" which spread as an email attachment. The email was something like "230 dead as storm batters Europe" and it contained a trojan horse, and like this it managed to become one of the most popular worms of its time. It resulted in 8% of all malware infections all over the world. This is just an example of one bot. My friend downloaded some files using peer-to-peer networks like Torrent and other sites and he had keyloggers which had managed to sneak past his "Anti-Virus" program and manifest in his machine. A keylogger is a tool which captures all the keystrokes entered into a computer and sends the data to a bot-herder. So, the next time you want to shop online with your credit card, you will have to type it in, right? And if there is a keylogger, well... you know where I am going with this.

Botnets are also used to attack different websites and IPs. If you have a bot-infested computer, chances are that you are attacking the website of a company, and you don't even know it. As I type this, a new worm affecting Windows has just made the news and it seems more than 4 million PCs all around the world have been affected by it.

So why is this article on India? This can happen all over the world, why are you talking about India only? Well, yes. This can happen all over the world, but you see, it happens in places where there are faster internet speeds. For instance the Sobig virus, which was used as a spam propagator, uses the faster internet speeds available in broadband for propagating millions of spam messages. India and China, which have been growing in their appetite for broadband internet, have fueled this new bot wave. In fact, researchers from all over the world have said that the bot activity in the US and Europe has been static, but there has been a new wave of bot activity in Asia, especially from India and China, due to sheer numbers.

What is the vicious circle? Let me just tell you how some of the practices which are innately Indian fuel this sort of botmania. I am sure you would all agree that pirated software is rampant in this country. 70% of software in India is pirated. Most people use tools like Torrents or other peer-to-peer networks to download their favourite apps and give them a whirl. Many of these applications come with key-gens, or key generators, which generate keys for a particular application and unlock the full versions of these apps. These keygens usually contain malware, and when you run one, eager in anticipation of getting that new application you want so badly but are not willing to pay for, that small trojan is installed on your machine and you are not the one who has the last laugh.

The other major issue with this bot menace in India is that the majority of our broadband consumers aren't aware of Computer Security vulnerabilities. This is true of most countries, including the US, where a large percentage of Internet users are blissfully unaware, but it is worse in India. Compounded with the piracy issue, a fledgling broadband industry and a general "cost sensitive" attitude (with reference to investing in Anti-Virus and Anti-Spyware solutions), India will be the next big botnet destination.

There is one other practice that I want to highlight. This is perhaps not directly related to bots, but it is a seriously unsafe practice. Coming back to my granny's house. Her WEP key, which the ISP had set up, was her phone number. In India, most telcos provide the Internet bundled with a phone line, or they tie your Internet plan to your phone. So, they usually stick the phone number in as your WEP key. First of all, WEP is totally insecure, and secondly, anyone who knows the phone number would be able to access any other Wireless Access Point in an area and freely mooch off other people's Wireless Internet connections. I tried to experiment with her neighbour's Wireless AP and it worked quite easily. This is another disturbing trend. In India, most broadband Internet connections are metered, i.e. consumers are charged based on their usage, and if we have a situation like this, some neighbourhood moocher can download 100s of GBs worth of data without ever having to pay for it. Most people won't even know what a WEP key is, forget changing it. Their laptops only need the WEP key once in their lifetimes and then they are pretty good to go. The telco engineer entered the WEP key in my granny's laptop the first time; since then she has been good to go, totally oblivious that there is even something called a WEP key. Not to mention, the Wireless Router (Access Point) has a default username and password set, which is "really hard to break".

I think one can suggest a really, really long list of protections for this sort of thing. Being in security, I hear of new exploits and protection mechanisms every day, but for me, it really comes down to some basics. They are:

1. Don't open email attachments which look suspicious. Things like "You won a lottery" or "Cheap drugs" or from senders titled "me". These emails should be junked, and fast.

2. Use a good Anti-Virus Program. Use a Legitimate and Non-pirated Anti-Virus program. For all you recession freaks, AVG is a possibility (it's free!!!), Avast is not bad either. It is quite good. More than just using an Anti-Virus, make sure that it is updated regularly. Most Anti-Virus providers provide daily updates of their Virus definitions. Make sure that your AV Application is updated.

3. Use an AntiSpyware Application. Spyware from the Internet is one of the prime causes of malicious programs entering your system. MalwareBytes Free Anti-Malware Application is pretty good for this purpose.

4. Use Licensed Software. If you are using Windows for which you have no serial information, you are most likely using a pirated copy. Windows Update is required, as Windows is a bunch of holes and they issue a huge number of security patches for fixing bugs in Windows Security. Consider moving to other OSs like Ubuntu or Mandriva (Linux based OSs) if you are relatively tech-savvy or are open to experiment. They are not invulnerable to viruses and malware, but they are definitely more robust and relatively impervious to malware. Like I said earlier, Malware can spread through Keygens and cracked software downloaded from the Internet, so if you are not buying a commercial app, stick to Open Source.

5. If you are using Windows XP or Vista, enable Windows Firewall and Windows Defender (Vista only). They are not the best, but with good Anti-Virus and Malware tools, they keep you quite safe.

6. Wireless (In)Security. Don't use WEP keys on your Wireless Router. WPA is safer and definitely more recommended than WEP. Don't use easy to guess information as keys, like your phone number for instance. Also, don't forget to change the default password for administering your Wireless Router and Broadband Modem/Router.
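As an added example (not part of the original post), the Python check below audits a home router's settings for the problems described above: WEP, a Wi-Fi key derived from the subscriber's phone number, and a factory admin login. The field names, sample configurations, phone number, default-login list and the 60-bit threshold are all constructed for illustration.

```python
import math
import re

# Constructed list of factory admin logins; check your router's manual for the real ones.
DEFAULT_ADMIN_LOGINS = {("admin", "admin"), ("admin", "password"), ("admin", "")}
MIN_KEY_BITS = 60  # assumed threshold for this example, not a standard

def digits_only(value):
    """Drop everything but digits so '+91 00000 12345' and '0000012345' compare equal."""
    return re.sub(r"\D", "", value)

def guess_space_bits(key):
    """Upper bound on key strength in bits, from the character classes the key uses."""
    classes = [(r"[0-9]", 10), (r"[a-z]", 26), (r"[A-Z]", 26), (r"[^0-9a-zA-Z]", 32)]
    alphabet = sum(size for pattern, size in classes if re.search(pattern, key))
    return len(key) * math.log2(alphabet) if alphabet else 0.0

def audit_router(cfg, subscriber_phones):
    """Return the list of finding codes for one router configuration."""
    findings = []
    if cfg["encryption"].upper().startswith("WEP"):
        findings.append("WEP")                # weak cipher, whatever the key is
    key_digits = digits_only(cfg["wifi_key"])
    for phone in subscriber_phones:
        p = digits_only(phone)
        # Match with or without the country code (last 10 digits).
        if len(p) >= 7 and key_digits in (p, p[-10:]):
            findings.append("KEY_IS_PHONE")   # guessable by anyone who knows the number
            break
    if guess_space_bits(cfg["wifi_key"]) < MIN_KEY_BITS:
        findings.append("LOW_ENTROPY")        # a 10-digit key is only about 33 bits
    if (cfg["admin_user"], cfg["admin_password"]) in DEFAULT_ADMIN_LOGINS:
        findings.append("DEFAULT_ADMIN")
    return findings

# Constructed sample configurations (not taken from any real router).
AS_INSTALLED = {"encryption": "WEP-64", "wifi_key": "0000012345",
                "admin_user": "admin", "admin_password": "admin"}
HARDENED = {"encryption": "WPA2-PSK", "wifi_key": "tamarind-Lantern-47-monsoon",
            "admin_user": "admin", "admin_password": "v3ry-Long-router-passphrase"}
PHONES = ["+91 00000 12345"]

if __name__ == "__main__":
    print("as installed:", audit_router(AS_INSTALLED, PHONES))
    print("hardened:    ", audit_router(HARDENED, PHONES))
```

The bit count is an upper bound based on character classes only; a key built from a phone number is far weaker than that figure suggests, which is why it gets its own finding.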

Disclaimer

The views presented in this blog are entirely mine and are not those of my company.

© Abhay Bhargav 2010