Rise of the Botnet: What is a Botnet?

What Is a Bot or Botnets?

A botnet is a network of compromised devices under the control of a malicious hacker. Each single device is referred to as a bot, but are also called “zombie computers” due to their ability to hack into and operate a computer without the owner’s knowledge.

How Do Bots or Botnets Work?

Bots sneak onto a person’s computer in numerous ways. A bot will spread itself over the internet in search of vulnerable, unprotected computers to infect. Once an exposed computer is found the Bots quickly infect the machine and report back to their “master”. The goal is to get settled into the computer and then wait until they are instructed to carry out a task. There are several automated tasks they can carry out including:

• Sending spam – This also includes viruses and spyware.
• Stealing personal and private information – This can include credit cards, bank account numbers, and other sensitive information.
• “Click fraud” – Using bots to automatically click on advertisements to make money from the clicks.

Any Recent News?

You may recall the largest botnet hack in history, which occurred last fall and caused widespread disruption to legitimate websites. This caused normal activities such as online shopping, social media interaction, and listening to music to be inactive for a long period of time.

How Did This Happen?

1. The infections were enabled through the use of default passwords on the user’s devices. Anyone placing a device on the internet without first changing their passwords was likely infected.
2. The large number of unsecured internet-connected digital devices, such as home routers and surveillance cameras, is the software used to crawl the internet to find other unsecured devices.
3. By directing large amounts of traffic at targeted servers, which made it hard for websites to function properly.

More recently, the infamous IoT-powered Mirai botnet was observed carrying out a mammoth 54-hour DDoS attack on a US university last month. This attack was notable for the duration as well as the style of attack. This bot went for the application layer rather than previous network-layer campaigns. The DDoS bots used in the attack were hiding behind different user-agents which makes experts believe we may be dealing with a new variant of the botnet.

So, How Do I Protect Myself?

1. Ensure all default passwords are changed to strong passwords.
2. Change your software settings to update automatically.
3. Update IoT devices with security patches.
4. Disable Universal Plug and Play on home routers.
5. Install security software.
6. Never click on attachments unless you can verify the source.
7. Limit your user rights when online.

For more information about services we offer, give us a call today! 480-795-2181.

Want to learn more about what a Managed Security Services Provider is? Listen to Succurri partner, Grant Eckstrom, and Fractional CMO, Tony Lael, discuss the topic in more depth in this video.