Effects of botnets – a human-organisational approach
Journal Title: Security and Defence Quarterly - Year 2021, Vol 35, Issue 3
Abstract
Botnets, the remotely controlled networks of computers with malicious aims, have significantly affected the international order from Ukraine to the United States in recent years. Disruptive software, such as malware, ransomware, and disruptive services, provided by those botnets has many specific effects and properties. Therefore, it is paramount to improve the defences against them. To tackle botnets more or less successfully, one should analyse their code, communication, kill chain, and similar technical properties. However, according to the Business Model for Information Security (BMIS), besides technological attributes, there is also a human and organisational aspect to their capabilities and behaviour. This paper aims to identify the aspects of different attacks and present an analysis framework to identify botnets’ technological and human attributes. After researching the literature and evaluating our previous findings in this research project, we formed a unified framework for the human-organisational classification of botnets. We tested the defined framework on five botnet attacks, presenting them as case studies. The chosen botnets were ElectrumDoSMiner, Emotet, Gameover Zeus, Mirai, and VPNFilter. The focus of the comparison was motivation, the applied business model, willingness to cooperate, capabilities, and the attack source. For defending entities, reaching the target state of defending capabilities is impossible with a one-time development due to the dynamic behaviour of cyberspace and botnets. Therefore, one has to develop cyberdefence and conduct threat intelligence on botnets using a methodology such as the one presented in this paper. This framework comprises people and technological attributes according to the BMIS model, providing the defender with a standard way of classification.
Authors and Affiliations
Zsolt Bederna, Tamás Szádeczky