GNSC Blog

IBM’s X-Force security division reported that more than 90% of all  browser-related exploits occurred within 24 hours of an official vulnerability disclosure, and that most botnets were created using this flaw.  

What this means is that within one day of a vulnerability being announced, cyber-criminals are deploying code that can take control of an uppatched or unprotected computer user’s PC and use the PC as part of their botnets.  Botnets are computers that are controlled by a rogue user that when grouped with thousands, even millions of other similar computers, can be used for the delivery of spam or denial of service attacks.   

This demonstrates the need for three main things:

1. Good patch managment
2. Updated anti-malware software that goes beyond your standard AV program
3. Good security awareness training for your employees

These three things give you an effective defense against the botnet masters, not a 100% defense but one they don’t typically factor in.  Like any criminal looking for a easy steal, they’ll look for the unlocked and undefended places first.

If you have any questions about how to establish any of these three layers of protection, please contact us.  Your blog questions are welcome.