Botnets have become one of the biggest threats to security systems today. They are also becoming a larger part of cultural discussions around cyber security.
The use of botnets to mine cryptocurrencies like Bitcoin is a growing business for cyber criminals. It’s predicted the trend will continue, resulting in more computers infected with mining software and more digital wallets stolen. Botnets are also dangerous to businesses and consumers because they’re used to deploy malware, initiate attacks on websites, steal personal information, and defraud advertisers.
A botnet is a network of computers that have been intentionally infected with malware by cybercriminals in order to perform automated tasks on the internet without the permission (or often the knowledge) of the devices’ owners. The term is an abbreviation of ‘robot and network’. When a bot penetrates a computer, its controller can take over the control of the device and others in the botnet through communications channels using standards-based network protocols.
Cybercriminals use botnets to distribute spam email messages, spread viruses – including spyware, commit fraud and identity theft, attack computers and servers, and perpetrate DDoS (distributed denial of service) attacks.
Also see: What is ethical hacking exactly?
How your computers are forced to be part of a botnet
Computers can become part of a botnet in the same ways as they are infected by any malware:
By opening attachments in emails which contain malware by means of a Trojan horse program. In this case, the Trojan may either delete itself once the computer is infected, or remain to update and maintain the malware modules.
- By visiting websites which are infected with malware. This could happen by either clicking on malicious links in emails or social networking posts, or simply visiting infected sites proactively.
- Peer-to-peer (P2P) – in other words spreading from one computer to another via a network, infected storage devices or on the internet.
How they manifest
To build a botnet, botmasters need as many infected online devices or “bots” under their command as possible. The more bots connected, the bigger the botnet. The bigger the botnet, the bigger the impact. So size matters. The criminal’s ultimate goal is often financial gain, malware propagation, or just general disruption of the internet.
Imagine the following: You’ve enlisted ten of your friends to call the Department of Education at the same time on the same day. Aside from the deafening sounds of ringing phones and the employees running around, not much else would happen. Now, imagine you wrangled 100 of your friends, to do the same thing. The simultaneous influx of such a large number of signals, pings, and requests would overload the DOT’s phone system, more than likely shutting it down completely.
Cybercriminals use botnets to create a similar disruption on the internet. They command their infected bot army to overload a website to the point that it stops functioning and/or access is denied. Such an attack is called a denial of service or DDoS.
Also see: What are White hat hackers?
How to protect your organisation
- Update your operating system. Software developers actively combat malware; they know early on when threats arise. Set your OS to update automatically and make sure you’re running the latest version.
- Uninstall one antivirus program before you install another.
- Do not click on links in emails or social networking posts from an unknown, suspicious or untrustworthy source.
- Avoid email attachments from suspicious or unknown sources. Email attachments are a favourite source of infection for many types of viruses. Don’t open an attachment from an unknown source.
- Take care when using USB connected devices (eg memory sticks, external hard drives, MP3 players) as they are very common carriers of malware.
- Take care when using CDs/DVDs as they can also contain viruses.
- When downloading free software, do so with extreme caution.
- Avoid downloads from P2P and file sharing networks. Botnets use P2P networks and file sharing services to infect computers. Scan any downloads before executing the files or find safer alternatives for transferring files.
- Buy only reputable software from reputable companies and ensure that it is always kept updated.