The bust of a Spanish botnet called Mariposa is both good news and bad news.
It’s good news because of the public-private and international cooperation used in making the case.
A Canadian company cooperated with Georgia Tech in the U.S. and a Spanish firm, Panda Security as well as Spanish law enforcement.
This kind of effort represents a model bad guys should fear.
(Picture from Defense Intelligence, the Canadian company that first identified and eventually helped to stop Mariposa.)
The bad news is that the Mariposa hackers weren’t super-programmers, but what critics call “script-kiddies,” albeit with ties to organized crime.
At its height Mariposa infected 12.7 million PCs, swiping credit card numbers and online banking information, infecting half the Fortune 500 and 40 major banks. If relatively unsophisticated programmers can build that, you have to wonder what the sophisticated ones can do
All of which means the cat-and-mouse game between cyber-criminals and cyber-cops will only continue to escalate. I’m glad we have the good guys on our side, but wholesale changes to the Internet’s architecture may be required to end this game once-and-for-all, or even to limit it.