An RSA study released on Wednesday claims that most major U.S. corporations — including up to 88% of Fortune 500 companies — may be affected by botnet activity from computers compromised by the Zeus Trojan.
In the article, “88 percent of firms show Zeus botnet activity,” RSA’s FraudAction Anti-Trojan services analyzed data stolen by Zeus from infected computers that included IP addresses and emails that belonged to the corporations. Among the stolen data found on the sites where infected computers drop the stolen data was compromised email addresses from about 60% of the firms.
With such a high percentage of botnet activity hitting Fortune 500 companies, it just goes to show that even the biggest, theoretically most advanced companies from a security standpoint are not immune to being hit by infectious malware.
It all circles back to a recent posting on what we’re doing today to improve our cyber defenses. In the blog, “Repercussions, not legislation, key to improving nation’s cyber defenses,” I mentioned that we need to get out of the status quo network security practices and techniques that are flawed, and start thinking in a more proactive manner. Until we do, our systems will remain at risk of hidden malicious code and malware attacks designed to snoop and steal our sensitive data, whether we know it or not.