How many botnets reside within your network? Are you worried about the almost certain fact that they do?
I described it to a colleague today as being similar to rats in a sewer. These insidious creatures crawl around within the dark tunnels of our global network usually remaining out of sight. We know they are there but unless we go on a hunt it’s unlikely we’ll actually see them. My colleagues’ view on the matter is as follows
“So in infosec nuisance malware is just that, but must not be allowed to take the focus. The focus needs to be what matters, the effects on the company and its information/reputation. So this comes down to managing the risks and knowing what the critical assets are rather than trying to protect every device and scrap of information as equals. … you have as much hope of protecting everything perfectly as removing the rats from the sewers of London.”
It’s a view I fully agree with. Instead of chasing rats, focus on protecting assets. We have little choice but to live with the nasty stuff so be aware that it is there, mitigate risk as far as you can, and don’t spend too much time trudging through the sewers because it’s not very nice down there!
There some more information on botnets here including a link to an interview with a botnet owner – won’t his parents just be so proud!
http://www.wormblog.com/2006/03/an_inside_look_.html (an excellent blog)