We've seen the rise of botnet attacks over the past decade, and they continue to plague organizations for one simple reason: They're profitable. The operators of botnets can earn significant amounts of money with almost no outlay of capital resources. Whether they're sending spam messages for fractions of a penny, waging distributed denial-of-service attacks for a few hundred dollars or mining cryptocurrency for thousands of dollars, botnets earn money using resources purchased by other people.
As botnet attacks continue to spread, they also evolve in new and creative ways. While most botnets target endpoints running traditional laptop and desktop operating systems, last year's Mirai botnet took a different approach by targeting the rapidly growing internet of things (IoT). Unlike other botnets, Mirai targeted the Linux operating system and, specifically, the millions of IoT endpoints that run Linux under the hood in a manner that is invisible to the end user. This includes networked security cameras, baby monitors, Wi-Fi routers and other devices that consumers connect to their home networks. That army of baby monitors and security cameras successfully disrupted worldwide internet access in October 2016 when it waged a denial-of-service attack against the global domain name system infrastructure.
This evolutionary nature of botnet attacks is the reason that a single tool or technique will not stop them. If organizations want to defend themselves against a rapidly changing threat, the only way to do so successfully is with a varied set of security controls that can adapt as the threat evolves. While today's botnets infect traditional endpoints and are moving to IoT devices, tomorrow's might take another approach, perhaps targeting smartphones or some other platform. Organizations that embrace a layered approach to cybersecurity will find themselves ready to withstand those threats.