The term “botnets” confuses many. But what is it really and why should you be worried about it?
Botnets make successfully attacking you easy.
The word “botnet” is short for “Robot Network”. In easier terms, botnets are inter-connected systems that work in harmony to (often) achieve a malicious task. When your system is being attacked by a botnet, it means that a master computer is trying to hijack and virtually control your system.
All of your devices that are connected to the internet have probably encountered innumerable botnets by now. In fact, there’s a real chance that the system on which you’re viewing this article is currently infected by a botnet. The worst part? You’ll never realize until it’s too late.
From Digital Recording Systems (DRS) and CCTV to software for your corporation, there is no internet-connected system on the planet that is safe from botnets. The Denial of Service attack on Dyn in 2016, which directed traffic from millions of CCTV cameras and DRS to their website and caused a huge chunk of the Internet to crash in the States, is one of the recent examples of what a botnet can do.
With botnets proving to be a threat not just to a few users but the whole internet community, it’s all the more important for you to understand how they work and how you can save yourself from them.
How Does a Botnet Attack Your System?
Hackers use direct coding to infect a system with their botnet or use a spider which crawls the web in search of security loopholes. Once it finds a vulnerable target, it downloads a Trojan virus onto the target’s system. This usually occurs as a drive-by download while you surf the internet.
Often, you won’t notice while or after a botnet attacks your system, because it can lie dormant until the Master Computer orders it to act.
How Does a Botnet Work?
Once your system is infected by a drive-by Trojan virus, it becomes part of a botnet and is now virtually hijacked. The Master Computer, which controls the botnet, can now use the infected system’s power for a number of different tasks, listed below.
Initiating a Denial of Service (DoS) Attack. In this case, the Master Computer will direct all of the interconnected systems in the botnet to a particular website in the hope of driving the traffic so high that the system ultimately collapses. This is what happened in the attack on Dyn in 2016. Dealing with such an attack can cost you millions of dollars if you’re not well-prepared for it.
Advertisement Fraud is another common purpose of botnets. In this case, the Master Computer redirects the infected systems to an advertiser’s page and receives a commission for every click made on it.
Spammers! Botnets are also used to send out bulk spam emails. One of my friends was actually on the receiving end of one of these. Upon casually opening his Gmail account one day, he noticed that he had sent 300+ “Happy Birthday” emails to unknown email addresses.
My guess is that those emails contained a Trojan virus.
Stealing Personal Information. Though not that common, botnets can be used to access and steal your personal information. If the botmaster uses a keylogger or spyware to track each of your keystrokes, he could easily steal your info and sell it over the dark web.
Selling the botnet to other botmasters. When a botmaster has used a botnet and no longer requires it, he often sells it to others. In easier terms, your slave-system is sold from one master to the other.
How Can I Know That My System is Infected by a Botnet?
This is hard to say.
Botnets often don’t completely override the infected systems. In fact, most of the time, the amount of power that they’re using from infected systems is so low that it isn’t even noticeable. Their Trojan virus often has the ability to lie dormant until activated by the botmaster and can change over time in order to hide from internet security systems.
How to Protect Your System from a Botnet?
Avoiding a botnet is far better than fighting it. It’s important to understand that botmasters are often looking for low-hanging fruit: systems which are easy to infect.
If you take some precautionary measures and place some barriers in a botnet’s way, the chances of your system being infected reduce a great deal.
Here are some common methods that you can deploy in order to avoid a botnet attack:
Beware of Phishing and Don’t Click on Unknown Links. If you receive an email with a suspicious link, never access it. In fact, block the sender immediately.
Use Better Email Services. A good email service like Gmail will alert you and display a notification when an email seems shady and untrustworthy. It will also scan all attachments for viruses and give you a green signal to download them if they’re clean.
Such basic services are still absent in email services like Yahoo and AOL, which is why you should completely avoid them.
Inculcate Better Surfing Habits. There are a few internet surfing habits that you should inculcate in yourself for your online safety. These include hovering over links to see where they redirect you to, never clicking on links in YouTube comments and discussion boards, and avoiding spammy popups and ads on the internet.
Although botnet attacks are dropping in number over time, they remain a real and persistent threat for anyone who uses the internet. In that regard, using better internet security suites and email services and practicing safe surfing habits are extremely important for your online safety.
More information is available in our Small Business Reference Architecture white paper, downloadable here.