Security Magazine logo

4 Ways to Protect Networks from Botnets Before It’s Too Late

By Marko Simeonov
June 26, 2025

Imagine waking up to find that someone has infiltrated your home, the place where you feel safest, and taken control of every device you own. There is no sign of forced entry; your everyday smart devices have simply been silently enlisted as digital warriors in a botnet that sends attacks to places, people, and companies you don’t know. Your security cameras, smart thermostats, and even your smart freezer could be working for cybercriminals right now.

While this may sound like a science fiction movie, cybercriminals deploy malware to these innocent devices every day, using them for their own nefarious purposes. From large-scale Distributed Denial of Service (DDoS) attacks that cause digital service outages to brute-force credential stuffing that provides unauthorized access to sensitive data, cybercriminals are increasingly weaponizing botnets by exploiting the weakest link in the chain. Often, that link is an unsecured personal device.

While the Mirai botnet may be one of the most famous in the cybersecurity world, threat actors follow that model regularly. At the beginning of March 2025, HUMAN Security’s Satori Threat Intelligence and Research team found that a China-based ecosystem, dubbed Badbox 2.0, had deployed malware to over 1 million consumer devices like TV streaming boxes, tablets, projectors, and after-sale car infotainment systems. Starting with off-brand Android-based devices, the attackers were able to perpetuate fraud across 22 countries with the scammer-controlled botnet. Simultaneously, the Eleven11bot DDoS attack targeted telecom companies and gaming platforms, using somewhere between 5,000 and upwards of 30,000 compromised devices.

With the ability to control these difficult-to-secure Internet of Things (IoT) devices, attackers increasingly rely on botnet malware to accomplish their objectives. 

The Anatomy of a Botnet

At its core, a botnet comprises numerous internet-connected devices infected with malware. Usually, a single weak link — a smart camera containing an unpatched vulnerability or a router with a default password — enables attackers to install malware and take remote control over the device. 

Once compromised, these devices operate under a cybercriminal’s command, forming vast networks that attackers use for illegal activities. Often, the large number of compromised devices enables them to deploy DDoS attacks, sending high volumes of requests that overwhelm websites and services while also spreading malware across networks. The impact of these attacks can range from disrupting business operations to data theft to manipulating online traffic and transactions. The stealthy nature of these infiltrations means that many users remain oblivious to their devices’ malicious activities.

Internet Service Providers (ISPs) may issue warnings about unusual traffic patterns, indicating potential botnet activity. However, many people and organizations ignore these alerts.

Whether it is an employee or an organization trying to determine if home devices are part of a botnet, the warning signs are similar:

  • Unusually slow internet speeds or unexplained bandwidth spikes.
  • Frequent device crashes or reboots without reason.
  • ISP notifications about suspicious activity coming from your home network.
  • Inability to access device settings because an attacker has locked you out.

4 Best Practices for Mitigating Botnet Malware Risk

Organizations may not be able to control the devices that their work-from-anywhere employees have in their homes. However, they can take steps to improve end-user cyber awareness and strengthen their own network defenses. 

Start with Access

As organizations moved their operations to the cloud, the perimeter shifted. While a company may not be able to control an employee’s home network security, they can provide information about securing access to applications and company-owned devices. By extension, employees can apply these same access protections to their own home devices. 

At a minimum, some protections that apply to all network connected devices include: 

  • Changing default passwords on all smart devices and routers immediately.
  • Using strong, unique credentials — long, complex passwords that are different for each device.
  • Enabling two-factor authentication (2FA) where possible to add an extra layer of security.

Keep Everything Updated

Increasingly, attackers use known vulnerabilities to deploy malware on end-user devices. While an organization may not be able to control how remote workers manage their personal devices at home, they can apply security updates to all corporate devices. By engaging in these practices, the organization can limit its own risk by reducing the likelihood that attackers will compromise corporate assets. 

Some best practices for improving device security include:

  • Regularly updating your devices’ firmware to patch security vulnerabilities.
  • Turning on automatic updates whenever available.
  • Replacing outdated devices that no longer receive manufacturer support.

Segment Your Network

Remote employees are not the only IoT risk facing companies. Many organizations use IoT devices for business purposes. From security cameras and smart TVs to printers and smart lighting sensors, organizations need to implement security controls that limit attackers’ ability to compromise these corporate assets. 

With network segmentation, organizations can improve security by grouping critical assets together so they can monitor those network areas more precisely. Some best practices for segmenting networks include:

  • Create VLANs (Virtual Local Area Networks) to separate your IoT devices from critical systems.
  • Use guest networks for smart home gadgets, keeping them isolated from work or personal data.
  • Monitor device traffic using security software or your router’s settings.

Pay Attention to Warnings

Many security teams are overwhelmed with alerts and false positives that lead them down a rabbit hole of unnecessary investigation, making it easy to ignore warnings that they feel are irrelevant. However, threat intelligence is public information based on known attacker activity. By correlating this information with other security data, analysts can improve their alerts and reduce false positives. 

Some best practices for improving detections include correlating:

  • ISP notifications about unusual activities.
  • Network scanner tools that identify unauthorized devices connected to your Wi-Fi.
  • Configurations for any device you suspect may be compromised.
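
As an added illustration (not part of the original article), the sketch below combines the segmentation and correlation advice by checking flow records against a device inventory and an ISP notice. The address ranges, MAC addresses, device names, threshold and notice format are all assumptions constructed for the example.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: segments, inventory, notice and flows are invented.
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
IOT_NET = ipaddress.ip_network("10.20.0.0/24")    # IoT VLAN
CORP_NET = ipaddress.ip_network("10.10.0.0/24")   # critical systems VLAN
INVENTORY = {  # MAC -> device name, recorded when the device was approved
    "aa:00:00:00:00:01": "lobby-camera",
    "aa:00:00:00:00:02": "conference-tv",
}
ISP_NOTICE = {"dst_port": 23}  # e.g. "telnet scanning seen from your address"
FANOUT_LIMIT = 5  # distinct external hosts on one port before alerting


def sample_flows():
    """Return constructed (src_mac, src_ip, dst_ip, dst_port) records."""
    flows = [
        ("aa:00:00:00:00:02", "10.20.0.12", "198.51.100.7", 443),  # normal
        ("aa:00:00:00:00:01", "10.20.0.11", "10.10.0.5", 445),     # IoT -> corp
        ("bb:00:00:00:00:99", "10.20.0.50", "198.51.100.9", 443),  # unknown MAC
    ]
    # The camera also contacts many external hosts on port 23.
    flows += [("aa:00:00:00:00:01", "10.20.0.11", f"203.0.113.{i}", 23)
              for i in range(1, 9)]
    return flows


def analyze(flows):
    """Return sorted (finding, device) pairs for the three checks."""
    findings = set()
    fanout = defaultdict(set)  # (mac, port) -> distinct external destinations
    for mac, src_ip, dst_ip, port in flows:
        src = ipaddress.ip_address(src_ip)
        dst = ipaddress.ip_address(dst_ip)
        name = INVENTORY.get(mac)
        if name is None:
            # Device on the network that nobody approved.
            findings.add(("unauthorized-device", mac))
        if src in IOT_NET and dst in CORP_NET:
            # Traffic crossing the boundary the VLANs are meant to enforce.
            findings.add(("segmentation-violation", name or mac))
        if dst not in INTERNAL:
            fanout[(mac, port)].add(dst)
    for (mac, port), dests in fanout.items():
        if len(dests) >= FANOUT_LIMIT:
            # Raise confidence when the port matches what the ISP reported.
            matched = port == ISP_NOTICE["dst_port"]
            kind = "fanout-matches-isp-notice" if matched else "fanout"
            findings.add((kind, INVENTORY.get(mac, mac)))
    return sorted(findings)


if __name__ == "__main__":
    for finding in analyze(sample_flows()):
        print(finding)
```
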

The Bigger Picture: A Global Cybersecurity Threat

Cybercriminals are increasingly leveraging artificial intelligence to automate attacks, making them more sophisticated and harder to detect. Meanwhile, emerging quantum computing threats pose risks to encryption methods that secure critical systems.

This alarming trend highlights the necessity for unified defenses and information sharing among cybersecurity professionals, organizations, and individuals. And this is only a first step. Cybercriminals rely on lax security practices to build their attack infrastructure, and by taking a proactive, continuous approach to security, we can collectively reduce their operational effectiveness.

Marko Simeonov is the CEO of Plainsea, a cybersecurity platform for augmented penetration testing, aimed at enhancing the efficiency and service delivery of cybersecurity experts and managed service providers. With over seven years in the cybersecurity industry, Simeonov’s leadership is defined by a deep understanding of the challenges faced by professionals in the field.

Copyright ©2025. All Rights Reserved BNP Media.
