http://www.darkreading.com/insiderthreat/security/client/showArticle.jhtml?articleID=220200118 By Kelly Jackson Higgins DarkReading Sept 24, 2009 Bot infections are on the rise in the enterprise, and most come from botnets you've never heard of nor ever will. In a three-month study of more than 600 different botnets found having infiltrated enterprise networks, researchers from Damballa discovered nearly 60 percent are botnets, and with only a handful to a few hundred bots built to target a particular organization. Only 5 percent of the bot infections were from big-name botnets, such as Zeus/ZDbot and Koobface. And Damballa has seen bot infections grow in enterprises as well, from 5 to 7 percent of an enterprise's IP address space and hosts last year, to 7 to 9 percent of them bot-infected this year. "Of all the enterprises where we've gone into who are customers or as proof-of-concept, 100 percent have had botnet infections," says Gunter Ollmann, vice president of research for Damballa. "It's more the smaller, customized and targeted types of botnets [that infect the enterprise]. "Corporations have become very good at dealing with the larger threats that get publicized -- they tend not to get affected widely by Conficker, for instance." Ollmann's colleague, Erik Wu from Damballa, today revealed this latest research during a presentation at the Virus Bulletin Conference in Geneva. [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Thu Sep 24 2009 - 22:16:22 PDT
This archive was generated by hypermail 2.2.0 : Thu Sep 24 2009 - 22:25:14 PDT