Why Botnets Proliferate: End Users Don't Care

It's hard to maintain a secure environment if everyone involved doesn't take on some degree of responsibility. I'd hope that someone who was told their machine was part of a botnet would immediately want to fix the problem, but it seems that hope might be naive.

picture from Shutterstock

Mike Rothery, first assistant secretary for the national security resilience policy division in the Attorney-General's Department, discussed this issue at the Digital Security Summit in Canberra yesterday. He noted that experience with AusCERT and other government bodies found that many people were entirely indifferent when informed that their computers were insecure:

About one in five people who are contacted and told their home machine is part of a botnet go 'so what?'

A typical scenario is that an old machine has been passed on to kids within the family. Under those circumstances, some parents disclaim all responsibility, Rothery said. Not only does that help botnets remain active, it also means multiple generations of people clueless about security emerge.

Under the circumstances, part of me hopes those parents end up with a massive bill for excess bandwidth. In an enterprise environment, this exact reaction wouldn't happen, but the responsibility for fixing the problem is likely to be bounced straight back to IT.


    Often "so what" literally means "what are the implications of this". It's easy to forget that not everyone is as techliterate as the IT personnel. If it's true indifference that we're talking about, we have telemarketers to blame - it's hard to seem credible calling someone on the phone and saying that their computer is infected.

    Both of my points could prove to be irrelevant with further clarification, it's just very hard to believe that the average person would act with nonchalance when informed that they're assisting illegal activities - IF they believe and understand the message.

    Last edited 26/07/13 11:04 am

      I believe communication is done via an email from your ISP with ACMA being the source of the communication. Recommendations are given on how to get rid of it etc.. but the emails are generally embedded with links... something end-user's are drilled to not click on.. so it's kind of pointless to send these things out in the way they have been.

      Don't click on links!
      Here's a warning message with links!


    If you click this link *here* it will be fixed. This is how scammers are targeting the average non tech literate. "Ma'am are you sitting down at your PC, it's infected. We can fix it for you. Go to this website and give us your credit card information"
    What you need is someone with regognisable authority and expertise to tell them. Like say Microsoft or IBM. ( another scam )
    Ma'am your computer is running slowely. Give me your credit card details and we will fix it for you.
    Several years ago didn't ISP's actually disconnect people who didn't fix their PCs connected to botnets? If ISPs offered an easy to use clean tool, that I trusted and didn't mean the average users need to pay someone else money to do for them, I think it would get better reception.

      iiNet do, for example, and I think there's a few others that do...

      Trend Micro Housecall is the one that most of the emails are recommending.. but they are doing so via a link rather than instructing people on how to find it manually, most likely thinking that if there are too many steps involved, people won't bother...

    I actually completely agree.. In such a busy world where we rarely get even 5 minutes to ourselves.. Why worry about something which has for all intents and purposes no impact on your home pc?


Join the discussion!

Trending Stories Right Now