Botnet gangs targeting your data

2014-02-17 12:06
Government departments and agencies should not be granted exceptional exemptions to the provisions of Popi legislation, a security firm says. (Duncan Alfreds, News24)

Government departments and agencies should not be granted exceptional exemptions to the provisions of Popi legislation, a security firm says. (Duncan Alfreds, News24)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Cape Town - While the global economy may be stuttering, the botnet economy is healthy, a security firm has said.

According to Arbor Networks, an advanced protection company, the online criminal economy is thriving, especially as companies use "botnets for hire" to target rivals.

"Botnets can be used for a variety of purposes: DDoS attacks, sending spam, stealing credentials, keystroke logging, and more.  When being used for DDoS attacks, the cost of DDoS attacks actually varies based on the 'features' of the botnet," Anton Jacobsz, managing director of Networks Unlimited, the distributor of Arbor Networks in Sub Saharan Africa told News24.

A botnet is usually a group of computers infected with malware that operate by following instructions from a central server to attack a company network.

Criminals will typically attack critical network infrastructure that limits the ability of the firm to do business and demand a ransom to call off the attack.


Jacobsz said that botnet sellers offer guarantees of service for a criminal enterprise and cost it appropriately, depending on the target.

"The sellers of botnet services market features such as excellent ping and uptime, multiple ISPs, easy-to-use graphical interface, and even performance SLAs [Service Level Agreements].  The cost can also vary depending on the number of bots being used in a DDoS attack."

Attacks can also be carried out on orders from a rival company and because it can potentially embarrass a firm if it is forced to reveal that its data has been compromised, few report attacks to authorities.

"Ideally, companies would report every DDoS attack to law enforcement.  In practice, they hardly do because of variety of reasons including lack of resources and time, low confidence in law enforcement investigative efficacy, and even corporate policy. Many of the attacks are sourced from other countries, and they don't know how or want to deal with foreign jurisdictions," Jacobsz explained.

Although the Protected Disclosures Act of 2000 indicates some responsibility for company employees to disclose that a crime or miscarriage of justice has been committed and will likely be committed in the future, it does not oblige employees to report such impropriety to authorities.

The act merely facilitates an environment designed to protect whistleblowers from losing their jobs or being prosecuted should they make damaging revelations.

"Most companies would rather not deal with the bad publicity and simply sweep it under the rug.  Because disclosure laws have lacked any real teeth, this is still the case," said Jacobsz.


He argued that consumers have a right to know that their data on company computer systems may have potentially been stolen.

"Consumers should know when their confidential data has been stolen or when services have been attacked, and by forcing companies to disclose, firms might take more care in protecting their services and data."

He advised computer users to ensure that all software was up to date and warned people to be aware of common social engineering tactics used by criminals to gain access to a PC.

"Since social engineering is the most common to get malware on the PC, the average user should be cautious when installing any software, clicking on links from IM clients, or reading the unsolicited hot stock tip in their mailbox."

- Follow Duncan on Twitter
Read more on:    cybercrime

Join the conversation! encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions.
NEXT ON NEWS24X publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
Comments have been closed for this article.

Inside News24

Traffic Alerts
There are new stories on the homepage. Click here to see them.


Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire network.


Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.