Showing posts from June, 2019

Know Your Enemy: Botnet Command and Control Architectures

What would you do if your company's IT devices were discovered to be part of a botnet? In October 2018, dozens of companies' Hadoop servers were found to be compromised and participating in a self-replicating botnet. The botnet's malware was able to install itself via a vulnerability in Hadoop that had been publicly known for over two years [1].

Botnets are a significant threat to U.S. online infrastructure. According to Kaspersky Labs, the majority of cyber attacks originating from botnets in 2018 targeted financial services and online stores [2]. Botnets are a domestic as well as an international threat. According to F-Secure, a Finnish cyber security company, the majority of international attacks against the U.S. originate from Russian IP addresses [3].

In simple terms, a botnet is a set of hijacked computers that is used to attack other network-connected devices. An attack might be a Distributed Denial of Service (DD