A Quick Guide to Combat Botnets
Botnets pose a common threat today for all enterprises. A botnet which is formed by the words ‘robot’ and ‘network,’ is a type of software application that has the capabilities to perform tasks on command. Hackers use Trojan viruses to hack into the security of various computers and also rearrange all the infected systems into a network of bots that can be controlled remotely. There have been multiple events in the past which includes the famous Equifax breach where private information of 143 million customers was hacked, and a similar case also occurred in the CIA. All these breaches have proved that no matter how sophisticated and powerful a defense mechanism is, it has a very high chance of getting compromised with the help of processes and techniques by hackers.
Most of the problems are due to the lack of vulnerability testing, feeble security practices, or too much dependent on anti-virus software that cannot provide strong protection. Another reason often seen is the lack of communication between the security team, IT administrators and the help desk. To deal with botnets, enterprises need to have an efficient incident-response approach. A detailed flight plan is also beneficial in addressing the network access, suspective users, and data management among others to counter the effects of a powerful malware attack.
Encryption, covert channels along with domain name system changes (known as ‘fast flux”) are highly effective against botnets. Applying firewall rules can also stop the inbound and outbound of traffic as well as implementing a stopgap network access list to prevent any malware attack. For bot removal, a simple anti-virus will not be sufficient to detect advanced malware attack and anomalous behavior and hence, in such cases,running multiple antimalware tools will be a better option.
By Nancy S. Wolk, CIO, Alcoa - Global Business Services
By John Kamin, EVP and CIO, Old National Bancorp
By Gregg T. Martin, VP & CIO, Arnot Health
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Bryson Koehler, EVP & CIO, The Weather Company, an IBM...
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Adrian Mebane, VP-Global Ethics & Compliance, The Hershey...
By Lowell Gilvin, Chief Process Officer, Jabil
By Dennis Hodges, CIO, Inteva Products
By Gerri Martin-Flickinger, CIO, Adobe Systems
By Walter Carvalho, VP& Corporate CIO, Carnival Corporation
By Mary Alice Annecharico, SVP & CIO, Henry Ford Health System
By Bernd Schlotter, President of Services, Unify
By Bob Fecteau, CIO, SAIC
By Kushagra Vaid, GM, Server Engineering, Microsoft
By Steve Beason, Enterprise CTO, Scientific Games
By Steve Bein, VP-GIS, Michael Baker International
By Jason Alan Snyder, CTO, Momentum Worldwide
By Jim Whitehurst, CEO, Red Hat
By Alberto Ruocco, CIO, American Electric Power