https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Security


Shutterstock

Emotet malware

Notorious Emotet Botnet Disrupted, But Likely Will Be Back

  • Written by Edward Gately
  • January 27, 2021
It's difficult to consider Emotet gone forever.

An international effort has led to the dismantling of the Emotet botnet, the world’s most dangerous malware strain and cybercrime-as-a-service operation.

This was a collaborative effort among authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine. It was coordinated by Europol and Eurojust.

Cybersecurity industry experts, however, say those behind Emotet will likely find a way to resurface with a new version.

According to Europol, Emotet botnet malware was delivered to victims’ computers via infected e-mail attachments. Emotet email campaigns have also been presented as invoices, shipping notices and information about COVID-19.

Core Pieces will Live On

Brandon Hoffman is Netenrich‘s CISO. He said the takedown is a “great accomplishment that has been sorely needed.”

NetEnrich's Brandon Hoffman

NetEnrich’s Brandon Hoffman

“Unfortunately, with something like Emotet, which has been running so long and embedded so deeply in the cybercrime underground toolkit, it is hard to consider it gone forever,” he said. “Certainly the people who operated Emotet, as well as the developers of it, will find a way to recover remnants of it and repurpose it into a new version. While the name Emotet may no longer be used, we should assume core pieces will live on through other tools and methods. There is a lot that we know about Emotet and we can apply those learnings for future defense, ideally providing earlier detection/prevention.”

Emotet was much more than just a malware, according to Europol. What made it so dangerous is the malware was offered for hire to other cybercriminals to install other types of malware, such as banking trojans or ransomwares, onto a victim’s computer.

Emotet’s Impact Can’t be Overstated

Stefano De Blasi is threat researcher at Digital Shadows. He said Emotet’s relevance on the cyber threat landscape cannot be overstated.

Digital Shadows' Stefano De Blasi

Digital Shadows’ Stefano De Blasi

“First discovered in 2014, Emotet evolved from a banking trojan to a highly successful initial access vector used by numerous threat actors and cybercriminal groups,” he said. “Emotet operators frequently modified the techniques used by this botnet to obfuscate its activity and increase its distribution. Social engineering attacks such as spear-phishing emails containing malicious attachments have been one of the most successful tactics employed by Emotet.”

This takedown holds the promise of having caused severe disruption to Emotet’s networks and infrastructure, De Blasi said. It also could result in longer down time for Emotet.

However, it’s unlikely Emotet will cease to exist after this operation, he said.

Malicious botnets are exceptionally versatile, De Blasi said. Therefore, it’s likely their operators will sooner or later be able to recover from this blow and rebuild their infrastructure. That’s what TrickBot operators did.

Immediate Impact

Chris Morales is Vectra‘s head of security analytics. He said Emotet was large and far reaching.

Vectra's Chris Morales

Vectra’s Chris Morales

“What is impressive, yet concerning, is how it has persisted for so long,” he said. “That stability and length of time is what has made Emotet so lucrative and widely adopted by other criminal organizations. There will be an immediate impact. Crime organizations operate based on a cost-and-efficiency model much like any legitimate organization.”

Taking down Emotet is the equivalent of “taking down an AWS or Azure major data center,” Morales said.

“The immediate impact would be felt,” he said. “But eventually organizations leveraging that infrastructure would look to move services elsewhere, including potentially internally managed. This could take some time depending on the capabilities and funding of the organizations leveraging that infrastructure.”

It appears law enforcement is learning to respond better to international threats, Morales said.

Tags: MSPs VARs/SIs EMEA Security Technologies

Related


  • Disaster Recovery
    Disaster Recovery Planning Includes Ensuring That Data Can Be Recovered
    Here’s how to ensure that your disaster recovery solution will work when it matters.
  • 2021 Channel Influencer Awards
    Spoiler alert: COVID-19 is not the Channel Influencer of the Year.
  • Security Merger
    Palo Alto Networks Unveils Bridgecrew Acquisition, Prisma Access 2.0
    Bridgecrew is a pioneer in shift left, focusing on infrastructure as code (IaC).
  • Tactical Threat Intelligence Has a Critical Place in a Layered Cybersecurity Strategy
    Tactical threat intelligence typically focuses on the latest methods threat actors are using to execute attacks.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Juniper Networks Rolls Out Paragon Automation for 5G, Multicloud
  • Companies Seek IT Security Resellers with Technical Know-How
  • Ecosystem Report Outlines Opportunities for Microsoft Partners
  • M&A Activity in Tech Sector Is Booming, Shows No Sign of Slowing

Galleries

View all

Threat Protection Vendors: Why MSSPs Have to Ramp Up Efforts Right Now

February 23, 2021

Industry Perspectives

View all

Three Ways MSPs Can Improve Supply Chain Security

February 24, 2021

SASE: The Key to Mitigating Business Transformation Risk

February 22, 2021

Public Sector IT Funding Outlook for 2021–and What It Means for Our Reseller Partners

February 18, 2021

Webinars

View all

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

In Case of Emergency: The Importance of Proactive Critical Event Management

February 23, 2021
  • 1

White Papers

View all

Kaspersky Endpoint Detection and Response Optimum

February 19, 2021

Product Brief: Kaseya VSA Integrated Workflows with BMS and IT Glue

January 26, 2021

Why Subscription Business Model

January 15, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

.@BlackBerry report shows rise in hacker-for-hire groups targeting #MSSPs. dlvr.it/RtQjD9 https://t.co/VYr5cEXCCm

February 25, 2021
ChannelFutures

.@PTsecurity_UK discovers #vulnerabilities in @VMware vCenter server. dlvr.it/RtQjD5 https://t.co/WQbn5SJdFL

February 25, 2021
ChannelFutures

Take #supplychainsecurity to the next level. @Sophos #MSP #MSSP #ransomware #cybersecurity #managedservice… twitter.com/i/web/status/1…

February 25, 2021
ChannelFutures

[email protected]_inc rolls out first partner program. #securityanalytics dlvr.it/RtQhlW https://t.co/c1Xhxaf3qr

February 25, 2021
ChannelFutures

.@AteraCloud receives $25 million investment to help more #MSPs, IT pros. dlvr.it/RtPbBG https://t.co/UxHqhrUKgx

February 24, 2021
ChannelFutures

.@Infoblox rolls out new #Cloud Specialization program to increase partners' #SaaS sales. dlvr.it/RtPb7f https://t.co/CmZTwYiv1u

February 24, 2021
ChannelFutures

RT @Channel_Expo: ⏱️ Time is ticking to save on your pass to #CPVirtual next week...View all pass options and secure your virtual seat by F…

February 24, 2021
ChannelFutures

The new @Commvault #EMEA channel exec will focus attention on alliances, cloud and simplifying and expanding partne… twitter.com/i/web/status/1…

February 24, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X