In the past, Microsoft Chairman Bill Gates had predicted that spam will no longer be an online security issue, and he pointed to the end of 2006 as the milestone for the problem to be resolved. As botnets are gearing toward the core of online crime, with Symantec identifying in excess of 4.5 million zombie PCs just in the first half of 2006, spam will not only survive into 2007, but it will also be at the centerstage of 2007, together with its source: botnets.

"Botnets are really where it's at for serious cybercriminals, because of their concentrated power," commented Aaron Kornblum, a senior attorney with Microsoft's Internet safety enforcement team. "That power can be used for all sorts of malicious conduct on the Internet."

In Kornblum's perspective, botnets are situated at the heart of the current cybercrime, providing an infrastructure that drives spam campaigns, phishing schemes, distributed denial of service attacks and even clickfraud.

Microsoft's Internet Safety Enforcement team, a group of more than 65 persons - Aaron Kornblum included - has been focusing on combating various aspects of cybercrime from spam to child pornography.

Phishing is another example of illegal activities associated with botnets. "Unfortunately, we continue to see phishing as a serious threat," Kornblum explained. "They're moving away from the top banking brands like Citibank ... and they're moving down to mid-level and smaller-market financial institutions like credit unions and community banks, which may not have done as much consumer education."

According to data from Postini Inc., there are generally in excess of 50,000 compromised computers spreading malware or providing the infrastructure for spam campaigns, at any given time. The fact that such botnets operate only for a reduced period of time makes them virtually impossible to identify and stop.