Security Terminology Demystified: The Botnet

You are now part of a collective, controlled by an unseen presence and forced to do their bidding …

In our comprehensive guide to all the security threats that are out on the market today we listed some of the most virulent and one of these is the botnet. A botnet is used to describe a collection of devices or PCs that have been infected with a common malware and that are used to do the bidding of a cybercriminal.

Most people aren’t aware that their computers are being used to send spam or infect other people or even effect a Distributed Denial of Service (DDoS) attack which makes this type of security breach particularly unpleasant. You have suddenly become a part of the problem, infecting other networks and ruining lives.

To make matters even more complicated, not all botnets are evil. Often, they are used to bring together the computing power of different, connected computers, to manage specific tasks. They are legal, necessary and even quite beneficial.

They’re capable of performing the exact same tasks as malicious botnets only they’re doing great things and possibly making sure that you can read this article right here, right now.

So, what exactly IS a botnet?

 

The definition

Botnet is a portmanteau of the two words ‘robot’ and ‘network’ and the person who is in control of the botnet is known as the ‘bot herder’.  The botnet is, as mentioned earlier, a collection of internet-connected machines – these can be smartphones or PCs or any device with internet connectivity – that have been, in the event of a malicious botnet, breached and pulled into the bot herder’s control.

It is very likely that you introduced the software that allowed your machine to be pulled into this dark web when you installed a Trojan – code that has been hidden inside an email, an attachment or on a trusted website – or when you downloaded something that had the software hidden inside.

Once it enters your machine it’s all systems go, it will contact the master computer and hook you into the network. You are now no longer in control and your machine is one of a mass of zombie computers doing the bidding of their controller…

Botnets have been used to:

• Perpetrate DDoS attacks that shut down websites and businesses by overwhelming their systems
• Send out spam through your email address
• Target banner ads in your web browser specifically for you
• Ransomware type pop-up ads that demand for payment to remove the botnet
• Generating fake internet traffic to make money
• Mine cryptocurrencies
• Spread fake news and fake ads

Fun fact: In 2018, GitHub, a website for computer programmers, was taken offline by tens of thousands of computers in a DDoS attack. It was a record-breaking attack that Wired magazine called the ‘biggest DDoS attack ever recorded’. The attack was swiftly dealt with by the GitHub experts and the entire assault took less than ten minutes from start to finish. GitHub used a DDoS service called Akamai Prolexic that took over, routing the traffic through its own centres to remove the malicious packets. The total volume that the company took was around 1.35 terabits per second.

 

The threat

There are several things you need to be aware of when it comes to a botnet:

• They are almost invisible – botnets only use a small percentage of your computing power so they often remain hidden inside the system, undiscovered.
• They aim for scale – botnets work best when they are connected to thousands of devices. The goal is to pull in as vast a network of zombie computers as possible so that any attack is as efficient as possible.
• Your computer becomes a zombie – the technical term for any device that’s been infected by a botnet.
• Some botnets learn – this means that they can adapt their code and their ability to remain hidden so that they can continue to infect as many devices as possible.
• Botnets can infect anything connected to the internet – yes, this includes smart appliances, security cameras and even smart watches.

Fun fact: In March 2019, 400,000 connected devices were used in a targeted attack that lasted for 13 days. The DDoS attack saw the botnet produce more than 292, 000 requests per minute in a relentless barrage that stopped as suddenly as it began. The attack was defended by Imperva who outlined the technical details in a fascinating blog post right here.

 

The protection

 Here are seven steps that you should follow to protect your system from becoming a zombie:

5. Keep your system updated – Always update your operating system and keep it updated. It’s a good idea to turn on automatic updates if you can as hackers often use vulnerabilities in the system to gain access to your machine. This applies to more than just your computer, keep all your devices updated.
6. Use a firewall – A firewall is one of the best defences against dodgy incursions and will help you keep your machine protected as you wander the internet. Norton Smart Firewall is designed to monitor your communications and warns you if any other computer tries to connect to yours.
7. Use a reliable and regularly updated internet security solution – Also consider investing into an equally powerful antivirus system, and to keep your shields running. Pick an internet security software platform that’s got a solid reputation along with anti-phishing technology and defences against all the online threats that hang about trying to get into your system.
8. Backup your data. Ensure your files are constantly backed up and stored in a secure location that cannot be accessed over the network. That will ensure your information remains free from infection.
9. Don’t click on unexpected or unknown attachments. It isn’t worth the risk. If you really must know, email the person who sent it to you and confirm that it is genuinely from them. Avoid: clicking on popups, opening strange links in an email, downloading and installing programs from unknown sources, opening unsolicited attachments.