The scale of the botnet problem has also been difficult to quantify due to the security industry's tendency to under and overestimate the number of infected machines, with media typically defaulting to the larger estimates. Counting IP (Internet Protocol) addresses is not necessarily accurate due to dynamic IP address assignment.
Whether a botnet is small or large doesn't necessarily dictate its effectiveness. A fairly small botnet can exact an effective attack. The attack executed against Visa by the group Anonymous earlier this year involved less than 1,000 computers, according to one estimate, Hogben said.
"Size isn't everything," Hogben said. "Even if you did know the number, it wouldn't tell you much."
Sign up for Computerworld eNewsletters.