Botnets have become a serious business problem

He advises that companies need to start dealing with the problem that they might be communicating with infected customers. Imperva's warning comes in the wake of the ENISA botnet threat report, which predicts the growing threat and provides three high-level objectives – mitigation of existing botnets, prevention of new infections and minimising the profitability of botnets and cybercrime. Its recommendations are aimed at regulators, end-users, research institutions and affected parties but Shulman notes that the report "does not raise the fact that botnets have in fact become a business problem". His concerns: "With the rate of client infection, coupled with the rapid release of new variants of Trojans, it is practically an impossible task to expect the consumer to take full responsibility for this threat… "Furthermore, different attack schemes take on a hit-and-run model {in which malware runs once only before self-destructing]. This means that, even if the user downloads the most updated anti-virus, it will be too late." The way forward, according to Shulman, is to recognise that hackers mostly use compromised legitimate sites, and that these are often flagged as such by search engines – meaning the kiss of death for a business site. Equally, there are vast numbers of infected clients performing transactions with businesses, so companies need to learn how to interact with them and create a safe environment.