Following my previous post on OSINT Through Botnets, here's a company that's categorizing Fortune 500 companies whose networks are heavily polluted with malware infected hosts :
"Support Intelligence (SI), a network security company in San Francisco, has been running what it called "30 Days of Bots," featuring corporate networks infected with spam-churning bots. It began analyzing data in February, monitoring 10,000 domains that plow data into a trap much like a fishnet, except the intelligence in the data is designed to determine what information to keep by looking for spam. In total, SI analyzed traffic from more than 100 sources, including the aforementioned spam traps."
Considering the possibility for gathering open source intelligence through military and government infected PCs only, it is logical to conclude that a specific company can be targeted on the basis of the already infected hosts on its network as well. Think about it. For the time being, a botnet's master doesn't really care if it's a military or Fortune 500 company that's infected as long as spam, phishing and malware goes out of these hosts. But passive corporate espionage in the form of intercepting the traffic going out of a specific company's network shouldn't be excluded as an opportunity.
Independent Contractor. Bitcoin: 15Zvie1j8CjSR52doVSZSjctCDSx3pDjKZ Email: dancho.danchev@hush.com OMEMO: ddanchev@conversations.im | OTR: danchodanchev@xmpp.jp | TOX ID: 2E6FCA35A18AA76B2CCE33B55404A796F077CADA56F38922A1988AA381AE617A15D3D3E3E6F1
Wednesday, May 16, 2007
Corporate Espionage Through Botnets
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment