SMBs Often Hit Hardest By Botnets

May 6, 2009
By Kelly Jackson Higgins
Courtesy of DarkReading

Bot infections and spam can be 'silent killers' for small and midsize businesses due to drain on e-mail servers and network resources.

A small or midsize-sized business is ultimately a more attractive target for spammers, botnet operators, and other attackers than a home user mainly because it has a treasure trove of valuable data without the sufficient IT and security resources to protect it.

Security experts say that while large enterprises are getting hit hard by bot infections and related attacks, it's the SMBs that are getting hurt the worst. Home machines are obviously the easiest target, but SMBs are relatively defenseless as well given their lack of IT resources and budgets to build out layered security like the big boys do.

They are also potentially more lucrative targets for botnets and attackers than consumers because getting a foothold into a business's network, small or midsize, translates into a potentially better yield than "owning" a couple of home machines, says Randy Abrams, director of technical education for Eset. "It makes a targeted attack a profitable investment," Abrams says.

SMBs can also provide botnet herders with easy-to-grab business-class machines for their armies. "The key reason SMBs might be more attractive to botnets is they have business-class machines but limited resources in IT to protect them," says Phillip Lin, director of marketing for FireEye. And their all-in-one security approaches can be easy to bypass, he says.

Don't Miss:

Pandemic Security: Is Your Business Ready For Swine Flu And Other Real Viruses?

Security Outsourcing: The Right Move For SMBs?

Conficker Making Its Move, Finally

Spammers use their botnets not only for sending their unwanted e-mail to SMBs, but also for gathering new e-mail addresses in addition to new bot recruits. "They are after sensitive data as well," says David Setzer, CEO of Mailprotector, an e-mail security service provider. They want to recruit a new spam relay/bot, but they also throw in a keylogger to sniff for usernames and passwords, and try to grab as much lucrative sensitive data as possible, he says.

"It kind of a Swiss army knife of malware [they figure] they might as well get all the goodies they can out of" the SMB, he says.

While Setzer says he can't pinpoint any specific botnets that focus on hitting SMBs, more SMBs tend to get hit because they don't have the horsepower to handle the threats. A DSL line or DS3 connection can be no match for a botnet spamming and waging a directory attack, he says.

Go to Dark Reading

Next Page: Botnets, Spammers, Phishers Target SMBs

1 2 Next Next

Find pre-screened vendors to grow your business

Get key info on the products you need

bMighty White Papers

View More Whitepapers.

Browse by Category

bMighty Tech
Term Of Day:

Web monitoring

Boost your tech
vocabulary!
bMighty's SMB
TechEncyclopedia
defines more than
20,000 IT terms.

FREE Technology Services Locator!

Search our database of 200,000 solution- provider locations by business activity, technology, vertical market, and customer size. Find a technology partner NOW.