Botnets, Complacency and the UK Government

Gadi Evron drew my attention in an article for Dark Reading to a piece in IT Pro by Asavin Wattanajantra. The piece quotes Dr. Steve Marsh, of the UK's Cabinet Office (the Office of Cyber Security, to be precise) as saying that botnet operators are interested in money-generating attacks on the private sector, not causing damage to "national networks".

You might recall that I made a not dissimilar point in this blog with regard to Conficker, when we were all wondering what April 1st would bring: basically, I maintained that the Conficker gang was unlikely to attack the Internet infrastructure, as some journalists and others were fearing.

However, I don't feel, for a number of reasons, that the UK government (or any government) should be complacent about the risk from botnet-directed attacks for purposes of espionage or cyberwarfare (whatever you may understand by that particularl buzzword). I've explained my reasons for that in a blog for (ISC)2 ( International Information Systems Security Certification Consortium) at

Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled):
ESET Threatblog notifications on Twitter:
ESET White Papers Page:

Securing Our eCity community initiative:

Author David Harley, ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.