Clandestine Botnets in Cyberpace (Actual Server Data)
Clandestine Botnets in Cyberpace (Actual Server Data)

On one of the major tech sites I manage we recently had to block an entire network of rouge spiders that were causing performance issues. Not exactly a denial of service “attack” but the effects were similar as the bots were simply pulling too much data from the site which caused the site to slow down.   So, we blocked an entire network.

The next day, I noticed a new pattern when visualizing the website user data.   The new pattern was quite easy to spot and really stood out from a visual perspective.

Visualizing Bot Networks in Cyberspace
Visualizing Bot Networks in Cyberspace

I had not noticed that pattern before and did some digging around on the net into the issue and the IP addresses and discovered other network admins had experienced the same issue (under the exact same circumstances) after blocking a rouge network of bots.

In a nutshell, after we blocked one network of rouge bots, the bot activity moved to another bot network which was disguised to be regular user traffic and not Internet bots.

It should be obvious to everyone how important visualizing cyberspace is when managing networks or working on cybersecurity tasks.