According to zombie lore, a surefire way to destroy one of the living dead is a shot to the head.
Now, EU’s cybersecurity agency, ENISA, has published a study on botnets, also known as cyber zombies. But neutralizing these zombies may be more difficult than their horror-movie brethren.
The report, titled “Botnets: Measurement, Detection, Disinfection and Defence,” discusses the government’s role in battling botnets, what legislation is needed, and whether consumers can trust published numbers about botnets, among other issues.
“The botnet numbers define the political agenda and they determine 100’s of millions of euros of security investments ““ we should understand what is behind them,” said report editor Dr. Giles Hogben. Nonetheless, the report reveals that many botnet figures are likely to be inaccurate, and even a few bots can wreak serious havoc.
“Size is not everything ““ the number of infected machines alone is an inappropriate measure of the threat,” Hogben surmised.
The report identifies a few factors that have contributed to the increase of botnets: The ease and cost of infecting a user's PC with malware; the profit which can be gained by operating a botnet; and the probability and severity of criminal sanctions against the perpetrator.
The report also shines a light on how to measure botnet size and includes 25 different types of best-practices to attack botnets from all angles: neutralizing existing botnets, preventing new infections and reducing the profitability of cyber crime using botnets.
Additionally, the report stresses the need for a close international collaboration between governments, technically oriented, and legislative institutions.
“Global cooperation is indispensable for successful defense against botnets,” concluded professor Udo Helmbrecht, ENISA’s executive director.