Botnets 101
There are some things in life that though you may not know exactly what they are, you can just tell they aren’t good. For many people botnets fall squarely in this category of mostly unknown, but probably not good, and with the way they’re causing havoc all over the internet, those people are right to follow their instincts. Here’s a primer on what you need to know about botnets:
They’re Made Up of Computers and Devices Just Like Yours
What is a botnet, anyway? It’s a network of “bots,” computers or other internet connected devices that have been infected with malware that allows them to be controlled remotely. Collectively, these computers and devices provide an impressive amount of computing resources to the person or persons controlling the botnets.
Your Computer or Device Could Very Well Be Part of One
It would be nice to think you would know if your computer, tablet or IoT device is being used by someone halfway across the world, but botnets are made up of tens of thousands and even hundreds of thousands of devices, with the vast majority of device owners being completely unaware that anything is amiss. That’s a big part of what makes botnet malware so effective.
There’s Really No Good Reason to Have a Botnet
There are plenty of malicious reasons, however. Botnets are commonly used for spamming as well as hosting phishing sites, installing adware, harvesting personal or financial information, and perpetrating DDoS attacks. So, while you may hear of good bots, like search engine bots, there tend to not be any good botnets.
Botnets Are Getting Bigger Than Ever
It used to be that botnets had to be built using infected computers, a somewhat tall task in the days of anti-virus and anti-malware programs, but with technological development has come increased opportunity for cybercriminals. The Internet of Things has brought amazing products to the world with its smart devices and huge amount of connectivity, but it’s also caused botnets of record size to be easily assembled. Many IoT devices suffer from a lack of emphasis on security in design and development as well as a lax attitude toward security from end users, leaving billions of devices with default usernames and passwords in place, making it simple for them to be enlisted in massive IoT botnets like Mirai.
Botnet Malware Is Harder To Stop Than Ever
After Mirai, word spread that IoT device owners needed to lock down their devices by changing those default usernames and passwords. That’s certainly a necessary step, however a new IoT botnet called Persirai now boasts malware capable of stealing a device’s password file regardless of the strength of the device’s password. Without further precautions taken, virtually every device is vulnerable to this malware.
In order to protect IoT devices from this insidious malware, they should be isolated on the network using segmentation or firewall policies and only permitted to communicate with approved IP addresses. Internet access to admin ports should also be blocked and universal plug and play should be disabled on the firewall or router.
The End Result Is DDoS Chaos
Distributed denial of service attacks that render websites or online services unavailable have always been arguably the biggest problem stemming from botnets, and that problem has only been getting bigger and more out of control. Massive IoT botnets are resulting in DDoS attacks of record breaking size, including the Mirai botnet attack on the Dyn DNS server that took the New York Times, Reddit, Netflix and other major websites and services offline, while the huge number of botnets available has contributed to how easily accessible DDoS for hire services have become, allowing anyone to launch DDoS attacks for a nominal fee.
It’s Time To Fight Back
The time to fight back was actually years ago, but better late than never. Computers need to be secured using anti-malware programs and IoT devices need to be secured using the steps outlined above in order to keep them from becoming a part of one of the untold number of botnets cluttering up the internet landscape. Additionally, businesses and website owners need to take serious steps to protect against the DDoS attacks coming from those botnets. This means professional DDoS mitigation that’s intelligently designed to protect against large scale network attacks as well as sophisticated application layer attacks.
Anyone who has ever suspected that a botnet is a very bad thing should now know for sure, and should be taking the steps necessary to keep botnets from reaching their hideous potential.