BotNet Armies Uncovered

It's disturbing to know that the FBI recently uncovered over 1 million computer systems under the control of botnet operators. Even more disturbing is that these are only systems that:

1. Have been found - surely there are way more.
2. These are only systems found in the U.S. - certainly a small proportion of the amassed botnet armies worldwide.

For the average citizen and small / medium sized company - the threat of being the recipient of such a botnet attack is small - unless of course, you are in the public forum - particularly a controversial one. However, as this article points out - the need for citizens, and anyone who owns a network for that matter, must be diligent about protecting their systems from being compromised - and exasperating the problem.

How you ask? Following network and security management best practices is a start. From a high level, here is how such a process might work:

1. Assess: the world around us changes constantly and so must our protection mechanisms. Continuous efforts to identify and assess the risk of new and existing threats leads us to an understanding of what needs to change and why.

2. Be Proactive: constantly assessing what is going on around us is a good first step. It is also 'best practice' to: (a) apply preventative maintenance measures to reduce the threat of exploitation; (b) monitor the network for unusual activity so that reactive measures can be taken immediately at the first sign of trouble.

3. Continuous Improvement & Change Management: by instituting a process that forces us to plan changes to our network we are able to make sure that security is taken into consideration early on. Secondly, the information we glean from monitoring and maintaining the network enables us to identify potential issues that might later cause grief - and address them ahead of time.

There is one additional benefit to following this approach: it costs less in the long run! Unnecessary downtime, lost productivity, emergency service calls and unplanned capital expenditures can all be reduced or eliminated leading to much improved returns on IT capital investments - not to mention less gray hair and aggravation.