The past few years have witnessed a surge of botnet-linked cybercrime, which increasingly raises the profile of bots as a tool in organized cybercrime. [See: ZeusVM Leak Means Botnet Surge] Bots have come of age in the past decade and continue to evolve in sophistication - with intent ranging from the useful to the destructive. So how do you tell a good bot from a bad one? How can you design an effective bot management strategy?
"The first step is detecting if the traffic is from a bot or human," says John Ellis, Chief Strategist Cybersecurity - Asia, Pacific & Japan at Akamai Technologies. "Based on this classification and the behavior of the bot, you need to determine how you want to respond to it. You should focus on doing a lot of your filtering well away from your datacenter."
When it comes to the malicious bots, there are people out there who just want to build up botnets by infecting as many machines as possible, he says. To build up this attack infrastructure, it makes sense that India and China are simply the biggest targets when it comes to the sheer volume. There are also people out there who are targeting specific environments and specific demographics - gathering information illegally, for legal profit, Ellis says.
In this exclusive interview with Information Security Media Group, John Ellis shares some background on his session at RSA Conference APJ, held in Singapore, titled Good Bot, Bad Bot, Ugly Bot. Battle of the Bots!. Ellis goes further to talk about the Asian region in particular and the nature of the Botnet activity being seen here. He shares insight on:
- The basics of bot management;
- Bots as tools in cybercrime;
- Recommendations for successful Bot mitigation/management.
Ellis is Chief Strategist Cybersecurity - Asia, Pacific & Japan at Akamai Technologies. He is an experienced thought leader with more than 20 years of IT security strategy and technology solutions experience financial industry and has spent the last eight years in Asia. He has held senior technology positions in Standard Chartered Bank, Barclays Capital and Telstra.