3. Mirai: An IoT DDoS Botnet
Researcher analysis indicated that as few as 100,000 Mirai IoT botnet nodes were enlisted in the incident,
with reported attack rates of up to 1.2 Tbps.
The threat changes over time:
Cybercriminals, hacktivists, nation states, insiders
Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident, or security incident.
The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
If a kernel-level rootkit is installed, host-based detection may not work.
Not every detail can be derived from network-based detection.