GCN LAB IMPRESSIONS
Botnet tracker locates zombies inside federal agencies
- By John Breeden II
- Apr 06, 2012
After spending the last few days at the FOSE trade show in Washington, D.C., I was left with the impression that, although companies might be financially pressed by the struggling economy, innovation is alive and well. In some cases, in fact, it seems companies are depending on innovation to ensure they produce exactly the right product for the market instead of spending resources developing a slew of features that their government customers may or may not need.
One of the most interesting and eye-opening examples of this was a live demonstration of a global botnet tracker developed by Unveillance. The company has worked with Internet registers to track and divert traffic created by botnets to see where infections are taking place and how large a threat the prevailing network of zombie computers has become.
Looking at the global picture, we first got to see blips each time one of the tracked botnets tried to call back to its host server, a graphic digital illustration of the global nature of the botnet threat.
However, things got really interesting when Unveillance managing director Erik Engebreth drilled down to see where the infected computers were located. There were 48 compromised systems within the Transportation Department, some of them actively pinging away at their nefarious tasks.
We went right down to the IP addresses of the zombie computers and saw what these compromised systems were trying to do: In one case, a handful of systems appeared to be taken over by bots within branches of the Defense Department.
Presumably, feds could use the information on the global tracker to find which systems were infected with malicious code and then fix the problem. And considering the many problems the tracker located in the federal government, that needs to begin right away.
Another interesting security product was Invincea Browser Protection software, a suite of tools that runs in conjunction with a standard browser and will trap any malware it runs across, allow it to run in a virtual environment to dissect its code, and then forward those results to those who can fix the problem.
We’ve seen this level of protection before with other companies, but this is the first one we’ve run across that functions at the desktop level instead of on an agency’s servers. That makes it perfect for telecommuting employees who need iron-clad protection but don’t have their own IT staff at home.
Leaving security, I was also impressed with the innovation shown by Boxlight in the audio-visual field. They were showing their ProjectoWrite WX25N LCD projector, which doubles as a completely interactive whiteboard. That’s impressive, but what really caught my eye was a little device they will be selling soon that can turn any projector from any manufacturer into an interactive whiteboard.
The device is a tiny 30-frames-per-second infrared camera that sits on top of a projector. Although this is not quite as good as ProjectoWrite’s internal 60-frames-per-second camera, the folks at Boxlight realize there are a lot of projectors in the federal government, and asking an agency to replace them all to add interactivity won’t happen anytime soon.
But if an inexpensive way could be found to add interactivity to any existing unit, then those DLPs and LCDs could suddenly become more efficient without being replaced.
That’s innovative. It’s also the kind of ingenuity shown in products like these that the times demand — and that ultimately will speed our economic recovery.
John Breeden II directs the GCN Lab.