Botnets: A growing threat against data security


By Paul Evans, Managing Director of Redstor.

Most businesses have felt the sting of a malware attack. Whether this is in the form of a virus, a worm or some ransomware taking your computer hostage. Taking the time to research and invest in quality data security tools like anti-malware and data backups can prevent these dangers from happening.

According to a PwC global economic crime survey, approximately 55% of UK firms have fallen victim to economic crime in the past two years compared with a global rate of 36%. Furthermore, Cybercrime isn't restricted by geographical location and is indeed a worldwide threat. Last year alone, the ten worst-affected states in the US suffered losses of more than 560 million dollars (US). California tops the list with 195 million dollars and Florida at 94 million. In the same year, the Ponemon Institute (HP) showed record highs, up 19% from previous years, in the cost of cybercrime on businesses across the US. Financial services were worst affected, followed by energy and utilities, and defence and aerospace.

Addressing the Botnet Plague

Imperva Incapsula's annual Bot Traffic Report reported that a total percentage of 48.5 was incoming online traffic from bots, good and bad in 2015. Bots have posed a threat since 2012 as they are able to spread themselves across the internet searching for vulnerable, unprotected machines to infect. Once they have found an exposed computer, they quickly infect it and then can remain hidden and undetected by the user.

Botnets require several machines working in tandem to infiltrate and bombard the targeted system and are entirely dependent on a compromised network. The first line of defence has to be securing that which exposes your company to the Internet. In a "Statement Before the Senate Judiciary Committee, Subcommittee on Crime and Terrorism" in 2011, the FBI warned against the "booming business of botnets" and their use by "criminals" and "cyber terrorists".

A recent DDoS attack in Ireland targeted their National Lottery whereby the website and ticket machines were brought to a halt. This disrupted trading but fortunately Irish National Lottery's statement allayed fears that confidential information had been affected. "The availability of 'DDoS as a service' and large-scale botnets for hire makes it relatively easy to launch an attack that can even disrupt the operations of large, robust public websites that are designed to handle high traffic volumes," said Mark Chaplain, VP EMEA for Ixia, experts in software security solutions.

1. Secure Your Network

At the ACM Conference on computer and communications security it was recommended that since botnets often use free DNS hosting services, disabling such services will prevent communication within the botnet, thereby crippling it.

Failing that, there is software that focusses specifically on combating botnet attacks. A quick search on Google will show the most popular ones. Norton, being one such software provider, recommends some of these important measures one can implement over-and-above anti-botnet software:

  1. Increase the security settings on your browser.
  2. Limit your user rights when online.
  3. Never click on attachments unless you can verify the source.
  4. Install security updates for your operating system.

2. Secure Your Data

Backing up your data is the penultimate protection against a data security breach, as the bulk of the cost associated with cybercrime is due to data loss, 42% in fact. Having a disaster recovery plan that includes on-site or cloud backups is no longer deemed a luxury when it comes to business risk mitigation. These data security measures could be the only thing that allows you to recover critical business systems to an operational state and save your business from financial ruin.

Add a Comment

No messages on this article yet

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter