- 10 open source companies to watch
- Mythbuster busts his own tale
- $208 million petascale computer gets green light
- Sony recalls 73,000 Vaio laptops
- Chrome and Firefox and add-ons
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
![]() |
|
|---|
If malware were insects, botnets would be termites -- they burrow in behind the walls of your security perimeter, lie dormant for a period of time, then attack.
Once a computer has been infested, it waits for orders from criminal bot herders, who turn these zombie computers into massive bot networks that spew spam and other malware across the Internet.
You may not be able to block the botnet invasion completely, but with layers of bot-hunting technologies and common sense, you can minimize the effect on your network.
Before you can battle the bots, you've got to understand the scope of the problem. "We've been in denial about the scale of the problem,'' says Michael Barrett, CISO of PayPal in San Jose, Calif.
In fact, in a recent survey of 394 Network World readers responsible for network security, a surprising 43.7% said that compromised clients were not a significant problem. Another 30.2% said that they have not seen evidence that any computer on the network has ever been infected.
Just because nearly three-quarters of respondents aren't on high alert, it doesn't mean the threat isn't there, says Rick Wesson, CEO of Support Intelligence, a San Francisco firm that tracks bot outbreaks. On any given day, his company's honeypot will trap all kinds of insidious and fraudulent spam coming from zombie clients.
"The deal is that these bot herders are pretty smart, operating systems are very vulnerable, and everybody gets bots. Most companies run pretty tight networks, but the idea that you are not going to have bot networks running on your systems is naive. We have a lot of data that says a sizable portion of the Fortune 1000 has bots," he says.
If the Fortune 1000 can't stop bots, smaller organizations and consumers don't have a prayer. The little guys have fewer resources to perform security updates or to monitor their networks and machines for strange traffic patterns, says Ken Lloyd, director of security for security service provider Cyveillance in Arlington, Va. Consumers are at the highest risk because they tend to have the least security, Lloyd says.
"Enterprises have the problem, too, no doubt about it," says Martin Roesch, CTO of intrusion-detection software-maker Sourcefire. Enterprises are most vulnerable to roving machines that aren't properly set up to fight off malware attacks. "That's when there's trouble -- it's people getting spammed over [instant messaging], or Trojans and viruses over IM, or getting these things in their in-box, or surfing where they shouldn't be with vulnerable versions of [Internet Explorer] and Firefox," he says.
In fact, Gartner predicts that 75% of enterprises will be infected by bots by year-end.

Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses...
Vulnerability Management For DummiesDownload this concise book "Vulnerability Management for Dummies," to learn about the simple steps...
The ROI and TCO Benefits of Data Deduplication for Data Protection in the EnterpriseThis paper examines and quantifies the costs and benefits of backup with deduplication storage as...

Life on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...

We have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (7)
Yes Virginia, ALL networks are vulnerableBy wizodd on August 31, 2007, 12:17 pmI have to disagree. Merely because you have not YET _noticed_ an infection, does not mean that you cannot be, nor even that you are not, infected. EvVERY system,...
Reply | Read entire comment
Defense in depthBy Herb Oxley on August 21, 2007, 5:40 pmIn the case of people taking laptops out into the "wild" there are things which can be done to minimize risk which are within a small company or non-profit's budget...
Reply | Read entire comment
operating systems are very vulnerable??By Brew1Brew on July 14, 2007, 12:26 amYeah, this article seems to indicate that ALL Operation systems are vulnerable, but Windows is not all operating systems and the world is not flat! Corporate...
Reply | Read entire comment
What happens when employees take a laptop home?By Julie Bort on July 11, 2007, 1:02 pmSounds as if you have great security in place. But let me give you just one scenario of what happens with many companies. An employee takes a laptop home, surfs...
Reply | Read entire comment
attack of the killer botsBy Anonymous on July 10, 2007, 11:46 amI assume that the attacks are primarily on windows users. I wish there might have been information for firefox Linux users also.
Reply | Read entire comment
View all comments