What can organizations do to protect their networks against these bots and their repercussions, big and small?
Aside from the traditional routes, which include network scanning and banning sites and applications that distribute these bots, technology and security professionals should be much more open to sharing information about these threats both inside the organization and with their peers.
There is a perception among security professionals that sharing information on attacks and threats is an admission of their failure to do what's needed to protect the network. However, bots are so prevalent due to the sheer fact that they make their authors so much money; there's no reason to believe that they will become less pervasive over time. When it comes to bots and other threats, information sharing is a critical weapon for the arsenal of security professionals.
The easiest way to start is to take advantage and contribute information about your own environment to threat feeds. Many organizations are hesitant to share information about their own environment, but distributors of this information have the technology in place to anonymize details in the effort to provide greater and more holistic intelligence to the larger community. The more people who share data, the better the data becomes.
Another way to share data, and this one is even more optimistic, is when an attack is identified and remediated. Sharing these details with the security community helps others understand potential attack vectors, as well as recovery options. We can, essentially, learn from past issues. It also serves to highlight the issue, to ensure others are taking real threats seriously.
As threats become even more prevalent and sophisticated, data sharing will become imperative. The data is only as good as our willingness to share. And, as hacking becomes big business, information sharing will be become on of our best defenses against hackers.
Sign up for CIO Asia eNewsletters.