Robot networks or botnets are responsible for all sorts of nefarious activity and have quickly grown in popularity among criminals. A botnet is a bunch of computers infected by malware and are like zombies under the control of an evil-minded person or persons who can command every computer on their botnet to do their bidding. Depending on the size of the botnet, this can make them very powerful, especially when a botnet grows into tens or hundreds of thousands of computers. Some of the things criminals can order their botnets to do include:
- Distributed Denial-of-Service (DDoS) attacks: these kinds of attacks cripple websites by assaulting them with multiple requests, all at once, from tens or hundreds of thousands of computers. Imagine shouting ten thousand orders at a small child. They would simply freeze, overwhelmed and unable to respond for sheer lack of capacity to process it all at once. This is how DDoS attacks overwhelm Web servers.
- Waste resources: imagine you work for a large company that spends millions of $ on automated (called programmatic) advertising campaigns. You count on those automated ads to track and get in front of real people. Now, imagine a competitor who is willing to do anything to make sure your ad spend is wasted and never sees the light of day to a real human set of eyes. That competitor may be so inclined to hire someone with equally few scruples to employ their botnet to launch an assault on your legitimate ad campaign, wasting your efforts, your money, and gaining an advantage.
- Spamming, brute force, and phishing attacks are other common uses for botnets of all shapes and sizes. They can be used to break into private networks, steal financial information such as credit cards transactions, bank account details, and other high value assets from companies of all shapes, sizes, and industries, as well as from individuals, depending on the criminals’ goals.
That’s all troubling enough, but botnets are also well suited for what we call ‘persistence’ or remaining undetected inside private networks for a long time. Individual computers and other electronics, like routers, switches, and connected home devices, can be updated remotely to change their functionality and objectives. Most commonly, they’re instructed to infect as many other computers and devices present on the network they’re on, which makes them more difficult to get rid of once they establish themselves.
Because of this, botnets are a concern to us all, which is why it’s important to use end-point protection, such as anti-malware tools, intrusion detection strategies, and to periodically look at device logs for unusual activity in order to be as pro-active as we can be.
Hope this has been helpful! Thanks for reading.