Enterprise infections might be more widespread than security professionals realize. Botnet operators traditionally filter into home users with lightweight security, so IT frequently assumes their heavily structured networks are immune, but people close to the situation say otherwise. The rate of infection is not increasing, so there just needs to be greater awareness. Symantec reported over 2,000 botnet-related incidents in October 2007 through its nationwide Security Operations Centers, which oversee security for a client list including 81 of the Fortune 500 companies. Support Intelligence is a security firm that regularly finds dozens of infected client machines in enterprise customer networks. If you think you are not at risk, you should consider two factors: first, more enterprise users carry their PDAs or laptops back and forth from home to the office or they work from home exclusively, opening new attack vectors; second, botnets such as Storm are getting more intricate and stealthy. While the purpose of most botnet activities is to propagate, send spam, or initiate distributed denial-of-service attacks, nothing is stopping operators from conducting more targeted attacks. So-called 'bot-aware' products are increasing, yet security tools still miss infections too frequently. Even those with tight network security might be at risk, as many bot infections of businesses take place via social engineering to encourage users to click on the malware by disguising it as porn or legitimate links. Companies can take protective steps by staying patched, keeping antivirus current, monitoring outbound spam, and keeping an eye on mischievous Internet relay chat traffic because many bots are IRC-based. The bottom line is that it is better to be safe than sorry. Do not assume that bots cannot get in your network because a company's zombified machines are infected with malware, which gives the botnet operator an entry point to your business.