Botnets represented a lion share of the insecurities from 2006 and the trend is marching onward through 2007. A company called Support Intelligence has passively monitored the spam traffic, generally originating from botnets, in an effort to map the major spam relays. While it was expected that home PCs would represent the bulk of botnets, a surprisingly large segment of infected computers were hosted on Fortune 1000 networks. Support intelligence now posts their findings on the company blog, featuring analysis of botnets on 3M, Thomson, AIG, Aflac, Toshiba and many others.

While the spam in and of itself is merely a nuisance to its recipients, the infection of these networks carries additional implications. Botnet software embeds itself deeply, often using rootkit like functionality, and typically communicates covertly to its controller and can feature keystroke loggers, network sniffers or basic data mining capabilities - from _inside_ your financial and insurance institutions. While the companies claim no personal/private data breaches were made, bear in mind that calculations show every publicly lost record can equate to $300 in expenses. To paraphrase Edward Norton in Fight Club, "Take the number of computer systems in the field, A, multiply by the probable rate of private data exposure, B, multiply by the average out-of-court settlement, C. A times B times C equals X. If X is less than the cost of public disclosure, we don't do one."