Botnet - Top Security Concern for Organizations

A recent study by Arbor Networks suggested that DDoS (Distributed Denial-of-Service) attacks and botnets have become the top security issues for Internet Service Providers (ISPs).

Arbor Networks conducted a survey involving 75 major ISPs, other providers and hosting companies. It published the findings in its third yearly infrastructure Security Report on 17 September 2007. The result showed that botnets have overtaken DDoS attacks as the gravest of the concerns for organizations.

DDoS attacks pose a big problem as it constantly changes its trends. Since 2000, as mid-level DDoS threats have been inflicting the Internet, the survey respondents reported that there existed a widening distance between ordinary 'amateur' attacks in the mid-level and professional attacks in 'multi-gigabyte' that involved innumerable zombie hosts. Many of the surveyed ISPs pointed at the significant developments in co-ordination and sophistication of the DDoS assaults.

The botnet programs, according to the survey result, infect millions of computers around the world. The ISPs admitted to spending more resources and time in fighting botnets than they did previously when asked by the Arbor researchers.

Infrastructure providers have been finding the botnets very difficult to locate since the people controlling the zombie PCs are employing even more advanced techniques to evade detection, said Craig Labovitz, chief scientist at Arbor. PCworld.com published this news on 18 September 2007.

According to Labovitz, since it is difficult to correctly assess the magnitude of the threat, infrastructure providers fear that they might be only rubbing the iceberg tip in handling the botnet incident.

The researcher said that even if the attacks target a small set of Websites, still the impact on the provider could be enormous based on the narrow focus.

The use of peer-to-peer (P2P) botnet expansion strategy that has resulted the Storm worm problem to recur in generating add on infections has also helped the current botnet community to move ahead rapidly, according to Arbor.

Arbor Networks Chief Research Officer, Danny McPherson, said that this is not the right time for ISPs to feel excessively confident regarding their defenses. He also said that since cyber-criminals always adapt and search for weaknesses, there should be no complacency regarding the network security. InfromationWeek.com published this on 18 September 2007.

Related article: Botnet Misuses Google Analytics

» SPAMfighter News - 10/5/2007