Bamital Botnet Spells Remediation Opportunities

Symantec and Microsoft once again joined forces to shutter the Bamital botnet and disrupt the cybercrime ring behind the operation. And for the channel, the dearth of advanced threats such as Bamital will inevitably give rise to deeper remediation niches.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

Major security events are never isolated incidents. While the world sees the high-profile destruction of a major attack, the channel is often tasked to clean up the damage and shore up security holes long after the news has faded into oblivion.

The same will likely hold true in the wake of the most recent takedown of the Bamital botnet.

Related articles

In the latest chapter of an ongoing botnet saga, both Symantec Corp. and Microsoft Corp. once again joined forces to take down a global botnet, dubbed Bamital and disrupt an international cybercrime ring by shuttering servers that turned hundreds of thousands of PC into remote controlled drones.

According to Reuters, which first broke the story, the Bamital operation employed search engine poisoning techniques to distribute malware along with schemes to fraudulently charge businesses for online advertisement clicks.

The masterminds behind Bamital then leveraged the compromised PCs to initiate identity theft activities, block or deface Web sites and swipe sensitive data, among other things. By many reports, the botnet had some power behind its punch -- according to Symantec's estimates, the malicious network had infected anywhere between 300,000 and a million PCs.

That’s the news. But how does this affect the channel? For one, as with major security incidents in years past, security solution providers will most likely be on the front lines, responding to the fire alarms with their own combination of remediation tools and services.

In an effort to minimize the damage, both Microsoft and Symantec have offered victims free tools to fix PCs and restore access to Web searches via automatic messages. Now for major enterprises with armies of IT gurus at their disposal, remediation efforts represent not much more than added headaches and a few hours of overtime. But for the majority of SMB or mid-size organizations that lack IT staff, tools and security expertise, remediation efforts might present more formidable challenges.

And that inevitably is where the channel comes in. Thus, solution providers have windows of opportunity to conduct analyses, clean and refresh infected computers and then harden systems with adequate security mechanisms. And global threats such as Bamital and others also give rise to channel-led best practices education and incident response consulting, offered at a premium to attack-wary victims.

Response to Bamital will likely be no different than for any other threat. Historically, the channel has typically benefited from a windfall of business in the wake of major botnet clean ups and other widespread security incidents. Security partners invariably received a few more phone calls from Apple-loving customers after the notorious Flashback Trojan swept across more than 600,000 users’ Mac OS X machines at the height of the attack.

Security partners were also armed and ready following the discovery of a remote code execution vulnerability occurring in how the Sophos Ltd anti-virus engine scans Visual Basic 6 compiled files as well as malformed PDF files. And without fail, security partners come to the rescue when an anti-virus vendors issues faulty updates, which have occurred over the last few years in well-reputed products from Sophos, Symantec and McAfee Inc.

That said, for many security solution providers, response to widespread but erratic threats are simply part of the job. And remediation, while important, has typically has been an seen as inherent part of standard security solution provider portfolios.

However, with the exponential rise of advanced malware, it might be a good idea for security solution providers to bulk up their arsenal of remediation tools and build out practices.

The dearth of stealth malware, and resulting infections, has also heralded a rising demand for response and remediation. A Global Industry Analysts report project that the patch and remediation software market is on a set course to reach $736 billion by 2018, driven by the emergence of vulnerabilities and increasing sophistication of exploits, increasingly stringent compliance regulations mandating security policies and reliance on automated solutions as well as high profile and successful attacks prominently reported in the media.

In the past few months, that increasing demand has been filled by Check Point Software Technologies Ltd.'s recent launch of its Incident Response service. And last month, PC manufacturer Hewlett Packard Co. edged further into the security services game, not with another detection and prevention tool, but with a Breach Management Solutions service that cleans up the mess in the aftermath of a cyber attack.

Similar services are sure to follow – a trend that could ultimately compel the channel to further develop standalone niches that save the day in the wake of disaster.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Channel Business
call-centre-india-bpo

Cloud bringing BPaaS opportunities

NetSuite and partner talk ways channel partners can capitalize in changing BPO market

women-venture-capital-arrow

Arrow CEO points to 'comprehensive' solutions as driver for Q2 results

Distributors announces financial results, increase in sales

shutterstock-180806804-china-social-media

Microsoft Chinese partner of the year Pactera talks penetrating Chinese market

China-based provider explains obstacles in succeeding in China, why market should matter to channel

king-queen-crown

Synergy Research: Domination by cloud's big four isn't going to change

Research firm says AWS, Microsoft, IBM, Google will keep topping smaller cloud providers

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
100m-starting-line

Alibaba gunning to overtake Amazon, Microsoft in the cloud

China’s online retail giant Alibaba plans to invest $1 billion to globalize its Aliyun cloud infrastructure division, with the intent of overtaking Amazon Web Services, Microsoft and IBM

china-regulation-go-strategy-game

MSP warning against 'strategy' misuse

Hijacking the term means customer confusion

Windows 10 desktop

Microsoft releases Windows 10, but what's in it for partners?

Four ways the channel can cash in on Windows 10

rob-herjavec1

Star turn: MSP boss and reality TV regular talks up security

Robert Herjavec, Founder of MSP Herjavec Group and Dancing with the Stars star, warns cybersecurity is 'really a global problem'