AOH :: ISNQ5453.HTM

Up To 9 Percent Of Machines In An Enterprise Are Bot-Infected




Up To 9 Percent Of Machines In An Enterprise Are Bot-Infected
Up To 9 Percent Of Machines In An Enterprise Are Bot-Infected



http://www.darkreading.com/insiderthreat/security/client/showArticle.jhtml?articleID=220200118 

By Kelly Jackson Higgins
DarkReading
Sept 24, 2009

Bot infections are on the rise in the enterprise, and most come from 
botnets you've never heard of nor ever will.

In a three-month study of more than 600 different botnets found having 
infiltrated enterprise networks, researchers from Damballa discovered 
nearly 60 percent are botnets, and with only a handful to a few hundred 
bots built to target a particular organization. Only 5 percent of the 
bot infections were from big-name botnets, such as Zeus/ZDbot and 
Koobface.

And Damballa has seen bot infections grow in enterprises as well, from 5 
to 7 percent of an enterprise's IP address space and hosts last year, to 
7 to 9 percent of them bot-infected this year. "Of all the enterprises 
where we've gone into who are customers or as proof-of-concept, 100 
percent have had botnet infections," says Gunter Ollmann, vice president 
of research for Damballa. "It's more the smaller, customized and 
targeted types of botnets [that infect the enterprise].

"Corporations have become very good at dealing with the larger threats 
that get publicized -- they tend not to get affected widely by 
Conficker, for instance."

Ollmann's colleague, Erik Wu from Damballa, today revealed this latest 
research during a presentation at the Virus Bulletin Conference in 
Geneva. 

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org 

Site design & layout copyright © 1986-2014 CodeGods