By Peter Piazza

In I, Robot, Isaac Asimov’s classic science-fiction novel, robots are hardwired with three rules: They cannot harm humans either through action or inaction; they must obey orders from their human masters; and they must preserve themselves, except if doing so would violate the first two rules.

In the real world, rule number one isn’t yet a prime directive. But software robots known as “bots” have been programmed to diligently adhere to the second two: They follow the orders of their human masters, and they are hard to kill. And while they can’t directly cause bodily harm to human beings, they can destroy the networks that modern economies and infrastructures are built on.

Bots are beginning to prove how efficient, and how dangerous, they can be. This past summer, for example, many large organizations, including media outlets such as The New York Times and CNN, were infected with a worm called Zotob. Zotob was one of a new generation of worms that carry bots in their payload, thus handing total control of the infected computer to the bot master. (Worms are pieces of self-replicating code that can spread across a network without help from humans.)

According to security experts, Zotob—and thus the bot carried in its payload—was spread in large measure by poorly protected laptop computers that became infected, then passed along the bots when plugged into their corporate networks. If companies are to prevent bots from usurping control of their computers, they must get better at preventing infection in the first place. That likely means they will have to find an automated way to interrogate and assess every computer connected to the network to ensure that it adheres to a strict security policy.


