Symantec adds botnet protection to managed services

Security tools detect botnet activity and analyse which malware is responsible

Security vendor Symantec has integrated new botnet intelligence capabilities into its Managed Security Services (MSS) to give additional protection for its customers.
Using its global intelligence network, Symantec said that its security tools could detect botnet activity, characterise which malware is responsible for the problems and cross-correlate blacklist data to identify any problems that might have been missed.

During September Symantec said that over half the 2,000 botnet-related incidents were picked up by its new botnet intelligence capacity.

Symantec's latest Internet Security Threat Report found more than five million distinct botnet-infected computers during the period from 1 January to 30 June, representing an almost seven per cent increase over the previous year.

The increase in botnet threats detected by Symantec was confirmed by an earlier report from carrier and business network security vendor Arbor Networks. Arbor's third annual Worldwide Infrastructure Report said that botnets had overtaken distributed denial of service (DDoS) attacks as the top threat for service providers (SPs).

One worrying factor in the Arbor report was that even though top-tier SPs had upgraded their backbone infrastructure from 2Gbit/s to 10Gbit/s, SPs surveyed said that the sustained attack rates were exceeding 24Gbit/s.