Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Friday, June 21, 2013

Botnets now target enterprise apps

According to Jan Poczobutt, vice president of sales at Barracuda Networks, botnets traditionally only picked on a few computers, are initiated through a command-and-control (C&C) server and were used for spamming during distributed denial of service (DDoS) attacks. Enterprises could simply filter botnets by adding them to the spam list but today, attackers have changed the way they use botnets, Poczobutt noted, speaking to ZDNet Asia in a phone interview on Friday. For example, botnets are able to go into the applications and through a series of apps looking like user request, they can bring down entire applications, he explained.


He explained there was a correlation between applications used for business transactions in more connected locations, which leads to them having a higher chance of being infected.

Singapore for example, was one of the countries with the highest number of infected computers by Citadel, because it was one of the most connected nations worldwide, Poczobutt pointed out.

Moving forward, IT managers should not just respond to the latest botnet attacks but make sure there is a way to tackle attacks used commonly such as SQL injections which steal data from Web-based applications, he noted.

“I think of a botnet as an infrastructure, I can make it perform different attacks and there are different limits to the kinds of specific botnet attacks that can be launched,” Poczobutt noted, adding the constant evolution of botnets is “like a cat and mouse game”.


Posted on 06/21