My post about DriveCleaner and the way it enters your computer the other day, reminded me of how easy it is to set up and distribute a Botnet. And it is time to resurface this phenomena.
A Botnet is a collection of computers, running an automatic software. Usually Botnets are considered maliciuos, as in spamming, distribution attacks and other threats.
It is very easy to get infected - after all, just a click on the button in a website may install the node in your computer. When it is inside your company network, it will start looking for other computers on the local network to infect. Before you know, your network is bogged down with attacks, spamming and DDOS attempts. Or it is used to distribute illegal materials like child porn.
The Botnet is controlled by someone as well. This person, or group, has direct access to your computers, your files, and your network. They may steal, copy or manipulate any and all information your have locally. They may even use your computers, your e-mail and your documents to act on your behalf.
What can you do?
This is a typical case where you need very clear rules about how your employees use their computers. What are they allowed to do? Remember to explain why!
Policies alone will not take care of it, you need to add technical security as well - IPS technologies will help. Network monitoring will help. And setting adequat permissions on your computers will help. Segmenting and designing your network for security is important.
In addition, you need management acceptance. If the management do not understand, or care, the rest of the organization is less likely to care.
Recent comments
28 weeks 6 days ago
29 weeks 13 hours ago
29 weeks 20 hours ago
29 weeks 1 day ago
29 weeks 1 day ago
29 weeks 2 days ago
32 weeks 3 days ago
33 weeks 5 days ago
36 weeks 5 hours ago
36 weeks 2 days ago