Botnets getting harder to find and fight

If you thought that botnets were getting harder to detect and remove, you are probably right. Over at Network World, Bill Brenner, a CSO, drew up a list of why this perennial problem is getting even harder to eliminate.

For one, the current media attention to the most prolific--or should I say, most notorious--botnet, is only the tip of the iceberg. Many other botnets actually operate below the radar, or remain undiscovered--and their operators are happier for it. The Cimbot, for example, accounts for 15 percent of the world's spam, utilizing stolen processing powers and Internet connectivity to do its dirty work. In addition, hackers are increasingly moving toward more peer-to-peer based architecture, which further obfuscates their operation.

In addition, increasingly savvy users continue to install applications, without oversight from their IT departments. Many of these applications are used to move sensitive information beyond the enterprise network. The dramatically increased surface area represents a much larger risk should even one computer become compromised.

A lot more can be said about this issue, though as far as mitigation is concerned, things don't seem to have changed much over the years. In a rapidly shifting landscape where attackers are employing all manners of sophisticated social engineering tricks, user education remains a key defense.

For more on this story:
- check out this article at Network World

Related Articles:
IBM: Conficker affects 4 percent of PCs
Security companies: Conficker worm fears exaggerated
Conficker evolves, adds new capabilities
Advanced variants of Conficker spotted