By Kelly Jackson Higgins
Sept 24, 2009
Bot infections are on the rise in the enterprise, and most come from
botnets you've never heard of nor ever will.
In a three-month study of more than 600 different botnets found having
infiltrated enterprise networks, researchers from Damballa discovered
nearly 60 percent are botnets, and with only a handful to a few hundred
bots built to target a particular organization. Only 5 percent of the
bot infections were from big-name botnets, such as Zeus/ZDbot and
And Damballa has seen bot infections grow in enterprises as well, from 5
to 7 percent of an enterprise's IP address space and hosts last year, to
7 to 9 percent of them bot-infected this year. "Of all the enterprises
where we've gone into who are customers or as proof-of-concept, 100
percent have had botnet infections," says Gunter Ollmann, vice president
of research for Damballa. "It's more the smaller, customized and
targeted types of botnets [that infect the enterprise].
"Corporations have become very good at dealing with the larger threats
that get publicized -- they tend not to get affected widely by
Conficker, for instance."
Ollmann's colleague, Erik Wu from Damballa, today revealed this latest
research during a presentation at the Virus Bulletin Conference in
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News