Researchers are warning universities that they're at risk of being hit with massive distributed denial-of-service attacks when they scan their own networks. According to Doug Pearson, technical director of Ren-Isac, the Storm botnet, a massive botnet that the hackers have been amassing over the last several months, has developed a counter-attack to computers that are trying to weed it out. The botnet is set up to launch a distributed denial-of-service (DDoS) attack against any computer that is scanning a network for vulnerabilities or malware.
Ren-Isac, which is supported largely through Indiana University, recently issued a warning to about 200 member educational institutions and then put out a much broader alert, warning colleges and universities that their networks could come under heavy attack. According to the alert, this new Storm botnet tactic presents more danger to schools than it is to corporate enterprises simply because of the placement of the scanners. Pearson explains that universities and colleges often have their scanners on a public network making it visible to the Internet at large. If it was protected on a private network, the way it's done with most enterprises, the botnet would not be able to find it so there wouldn't be an IP route to send the DDoS packets.
Don Jackson of SecureWorks said in an interview that slowly but surely IT managers and consumers are getting better at blocking or at least ignoring the e-mail attacks, so the Storm worm authors are setting up a secondary attack venue.
Read the full article at InformationWeek.