Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
Network Security
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical FW: [ISN] Up To 9 Percent Of Machines In An Enterprise Are Bot-Infected

  • From: Howell, Paul
  • Date: Fri Sep 25 08:16:02 2009 
I think this says something about the failure of anti-virus as the last
line of defense.


-----Original Message-----
From: isn-bounces@infosecnews.org [mailto:isn-bounces@infosecnews.org]
On Behalf Of InfoSec News
Sent: Friday, September 25, 2009 1:16 AM
To: isn@infosecnews.org
Subject: [ISN] Up To 9 Percent Of Machines In An Enterprise Are
Bot-Infected

http://www.darkreading.com/insiderthreat/security/client/showArticle.jht
ml?articleID=220200118

By Kelly Jackson Higgins
DarkReading
Sept 24, 2009

Bot infections are on the rise in the enterprise, and most come from 
botnets you've never heard of nor ever will.

In a three-month study of more than 600 different botnets found having 
infiltrated enterprise networks, researchers from Damballa discovered 
nearly 60 percent are botnets, and with only a handful to a few hundred 
bots built to target a particular organization. Only 5 percent of the 
bot infections were from big-name botnets, such as Zeus/ZDbot and 
Koobface.

And Damballa has seen bot infections grow in enterprises as well, from 5

to 7 percent of an enterprise's IP address space and hosts last year, to

7 to 9 percent of them bot-infected this year. "Of all the enterprises 
where we've gone into who are customers or as proof-of-concept, 100 
percent have had botnet infections," says Gunter Ollmann, vice president

of research for Damballa. "It's more the smaller, customized and 
targeted types of botnets [that infect the enterprise].

"Corporations have become very good at dealing with the larger threats 
that get publicized -- they tend not to get affected widely by 
Conficker, for instance."

Ollmann's colleague, Erik Wu from Damballa, today revealed this latest 
research during a presentation at the Virus Bulletin Conference in 
Geneva. 

[...]


------------------------------------------------------------------------
To unsubscribe from netsec, send mail to majordomo@merit.edu
with a body consisting of the words "unsubscribe netsec" --
without the quotes. For more help, send a message to majordomo@merit.edu
with the word "help" as the body.
------------------------------------------------------------------------


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.