I am constantly hammered for downplaying the "inside threat" and focusing on external attackers. Several months ago I noted the Month of Owned Corporations as an example of enterprises demonstrating security failures exploited by outsiders. Thanks to Bots Rise in the Enterprise, it appears the external threat is finally getting more attention:
Who says bots are just for home PCs? Turns out bot infections in the enterprise may be more widespread than originally thought.
Botnet operators traditionally have recruited "soft" targets -- home users with little or no security -- and the assumption was that the more heavily fortressed enterprise was mostly immune. But incident response teams and security researchers on the front lines say they are witnessing significant bot activity in enterprises as well...
Rick Wesson, CEO of Support Intelligence, says the rate of botnet infection in the enterprise isn't necessarily increasing -- it just hasn't been explored in detail until recently. "What's changing is the perception. It's been underestimated, underreported, and underanalyzed," Wesson says. "Corporate America is in as bad shape as a user at home."
Wesson says his firm, which does security monitoring, instantly finds dozens of bot-infected client machines in an enterprise customer's network when it starts studying its traffic. "We find dozens of bot-compromised systems off the bat. The longer we stay in [there], the more we find." (emphasis added)
Wake up, corporate America (and the world). When you open your eyes you're not going to like what you see, but dealing with the truth is better than pretending everything's ok.