According to an article by Sharon Gaudin on InformationWeek, cybercriminals are splitting up their giant botnets, which have been diligently built up in the recent months, into smaller pieces to make them more agile, more easily hidden from detection, and easier to manage.
Iftach Amit, director of security research at security company Finjan tells InformationWeek that "smaller botnets get the job done, but smaller botnets generate a lot less traffic. That makes them harder to detect because they make much less noise. They fly under the radar when you're looking for anomalies in behavior." He adds that many botnets are operated from a single command center. If security researchers or law enforcement find that command center, the botnet is effectively shut down. However, if the hacker splits the botnet up into several smaller botners, each with its own command center, if one goes down, the others remain operational.
No apparent news yet link the Storm worm botnet to this trend. It was noted, however, that the Storm worm botnet is not controlled by one command center, which has made it difficult for researchers to shut it down.
Read the full article here.