Helping ISPs defend customers against bot infections
At RSA Conference 2013 Kindsight announced the Kindsight Botnet Security service to help Internet service providers detect botnet activity in the network and protect subscribers against bot infections (click on the screenshot to enlarge it):
The solution is embedded within the service providers’ networks to analyze Internet traffic for communications between infected devices and the bot masters’ command-and-control (C&C) servers.
Throughout the past few years, botnets have become a growing concern in the US and around the world. During 2012, four of the top five high-level threats to home networks were botnets, according to Kindsight Security Labs. In fact, almost 50 percent of home network infections last year were the result of malware related to botnets.
The service is built upon the network-based malware detection capabilities of the Kindsight Network Intrusion Detection System (NIDS-8800). When it detects a botnet infection from a subscriber, the solution can take action by placing infected devices into a walled garden where subscribers will receive instructions and tools to help them remove the threat.
The Kindsight NIDS sensor can also block infected devices from communicating with C&C servers, preventing hackers from sending instructions and launching other attacks.
“Once a computer is part of a botnet, the infection can be very difficult to remove,” said Kevin McNamee, security architect and director, Kindsight Security Labs. “But service providers are in a unique position to help their subscribers, who often don’t know that their computer is at risk. We’re offering a solution for service providers to put a stop to these threats—not just to detect botnet activity but to help their subscribers remove the underlying threat.”