Calculate Your Risk

These findings represent what Damballa can be expected to find during a standard 30-day evaluation, in terms of enterprise systems carrying botnet targeted attack malware or communicating with confirmed malicious controllers across the Internet. The compromised assets listed below therefore reflect the most dangerous, most evasive malware currently active. These systems will have been affected even in the presence of powerful, sophisticated and well-run network security operations. Each one of these systems represents a PC, laptop or server that is being controlled by an unauthorized, malicious element, without the knowledge of IT or network security staff.

How many computers do you have in your enterprise?

What percentage of your computers run Windows?
(Enter a number from 0 to 100)

What percentage of your users have administrator access on their computers?
(Enter a number from 0 to 100)

Do you use firewalls to block all traffic except HTTP or HTTPS?

Do you use HTTP proxies?

Which antivirus (AV) solution do you use?

Low end of assets compromised (1%)

0

High end of assets compromised (5%)

0


 

NOTES: 90% of enterprise computers are likely to run some variety of Microsoft Windows, and 80% of these systems typically grant full administrator rights to at least one user, which means that user has unlimited access to all aspects of the operating system. This calculator assumes that proxy servers are in place to manage traffic flow and monitor proper usage of network resources. Corporate AV and IDS/IPS solutions are deployed and kept completely up-to-date.

In addition, the calculator factors in these additional variables, based on Damballa's research inside typical enterprise organizations:

  • 35% of botnet malware requires administrator access to function
  • 78% of botnet malware uses HTTP ports for communications with other elements of the BotArmy
  • 60% (or more) of targeted attack malware will never be caught by any signature-based AV or IDS/IPS solution