What are Botnets and Why are MSSPs So Concerned?

/in


In part one of MSSP Alert’s series on botnets, we delve into the nature of botnets and why MSSPs and MSPs are so concerned about them.

Botnets can lurk undetected in an organization’s computer network for years, covertly and maliciously poking and prodding with malware aimed at finding a vulnerability to potentially launch a full-scale cyberattack that will cripple IT systems, steal sensitive data and impose a ransom demand while demanding a business’ reputation.

Botnets have the ability to infect an entire IT network, be it software, applications or any type of device that even scratches the surface of digital technology. Botnets are the product of “bot-herder” (i.e., hacker) that either physically or mechanically sends the bot from their command-and-control servers to an unknowing recipient via file sharing, email, social media application protocols or via other bots as an intermediary.

When someone opens a malicious file on their computer, the bot reports back to command and control where the bot-herder can dictate commands to infected computers, Palo Alto Networks explains. In fact, bots can be updated by the bot-herder to change their entire functionality based on what he/she would like for them to do, and to adapt to changes and countermeasures by the target system.

Botnet Business Booming

Josh Smith, threat intelligence analyst for Nuspire, a Commerce, Michigan-based MSSP, believes that botnets don’t often receive the media attention that ransomware attacks do. Regardless, MSSPs, MSPs and the cybersecurity industry in general are keenly focused on botnets.

However — often much to their frustration — Nuspire’s customers are not always as aware of botnets as they should be, Smith said. Nor are their customers’ employees taking the appropriate measures to protect against bot intrusions.

“Botnets are quiet, sneaky and don’t make the headlines,” he said. “They get remediated. They get fixed. They get cleaned. But they’re still a very big threat to organizations everywhere.”

According to Nuspire’s recently released 2023 Cyber Threat Report, botnets saw a 25% year-over-year increase in activity, with the Torpig Mebroot botnet comprising 56% of all botnet…

Source…