Botnets: Plague of the Internet?

The robot armies may already be among us.

All right, that may be a tad melodramatic, but the dangers posed by what are referred to as botnets shouldn’t be underestimated. After all, a common nickname for botnets is zombie armies—obviously not something that should be taken lightly.

While much of the focus in cyber security may be placed on the likes of viruses and worms, botnets are often regarded as the biggest threat the internet faces today. The invasion of the robot armies has gone on for more than ten years now, with no end in sight.

Considering reports that botnets have cost over $110 billion in losses and that 500 million computers have fallen victim to this virtual plague, the seriousness of the issue becomes clear. Raising awareness of the dangers, as well as the ways to prevent botnet attacks, quickly becomes a top priority for individuals and businesses.

First, it’s important to understand just what botnets are. Without getting too involved in the technical details, a botnet is most simply described as a group of computers that have been infected with some form of malware that allows them to be controlled by another party, usually referred to as the “bot herder.” This is all done without the owners of those computers knowing their machines have been commandeered by someone else.

The bot herder can then use those bots (or “zombies”) to perform a variety of nefarious acts, including sending spam email to other computers, launching DDoS attacks, retrieving sensitive data such as bank account information, and performing click fraud. In short, infected computers act on the orders of the bot herder, a frightening prospect considering how much information people normally have on their computers.

Sadly, the infection can spread to multiple machines in a short amount of time. Even more serious is that botnets, once created, are often rented out to third parties. Those parties, which are sometimes criminal enterprises, can then use the botnets for their own ends, conducting their own operations for profit. The damage can be extensive and difficult to control. Just take a look at one example of a botnet, called ZeroAccess. ZeroAccess is one of the largest peer-to-peer botnets that has ever been discovered, affecting nearly two million computers worldwide.

The ZeroAccess botnet generates revenue by participating in click fraud and bitcoin mining. The end result is a net gain of more than $2,000 every day from bitcoin mining, and tens of millions of dollars every year in traffic from click fraud. That doesn’t even count the more than $500,000 wasted each day in electricity use to perform these criminal acts.

So how does a computer get infected in the first place? The answer is actually pretty simple. In many cases, computers become bots simply by not having the right safeguards in place, such as firewalls. In fact, almost any way a computer can get malware is a way it can become part of the zombie horde. An internet portal left open and unprotected is just asking for a Trojan horse program to be left on the machine. Computers that run out-of-date or pirated software are also opening themselves up to infection.

The ways to prevent this from happening should be clear. First, computers need to have basic security features, from firewalls to anti-malware programs. Computer users also need to ensure any software they use is updated with the latest patches, whether they are using a cloud program or flash storage.

For businesses worried their computers will be commandeered, managers would be smart to raise awareness of the social engineering techniques often used to infect employee computers. Businesses also need to monitor their networks to check for any activity considered out of the ordinary. Scanning systems for any possible breaches is a must since prevention is a lot easier to handle than damage control.
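
As an added illustration of the network monitoring described above (an example written for this page, not code from the original article), the sketch below flags workstations that open SMTP connections to many distinct destinations within an hour, a typical sign of a spam-sending bot. The flow-record format, the addresses, the relay allow-list and the threshold of five destinations are all assumptions made for the example.

```python
from collections import defaultdict

# Constructed flow records: "epoch_seconds src_ip dst_ip dst_port"
SAMPLE_FLOWS = """\
1700000000 10.0.0.25 198.51.100.10 25
1700000001 10.0.0.25 198.51.100.11 25
1700000002 10.0.0.25 198.51.100.12 25
1700000003 10.0.1.12 203.0.113.80 443
1700000004 10.0.1.12 198.51.100.10 25
1700000005 10.0.1.57 198.51.100.10 25
1700000006 10.0.1.57 198.51.100.11 25
1700000007 10.0.1.57 198.51.100.12 25
1700000008 10.0.1.57 203.0.113.5 25
1700000009 10.0.1.57 203.0.113.6 25
1700000010 10.0.1.57 203.0.113.6 25
truncated line
1700000011 10.0.1.57 203.0.113.7 25
"""

ALLOWED_SENDERS = {"10.0.0.25"}  # assumption: the site's own mail relay
SMTP_PORT = 25


def parse_flows(text):
    """Yield (ts, src, dst, port) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not (parts[0].isdigit() and parts[3].isdigit()):
            continue
        yield int(parts[0]), parts[1], parts[2], int(parts[3])


def smtp_outliers(flows, allowed=ALLOWED_SENDERS, min_destinations=5, window=3600):
    """Return (src, window_start, n_destinations) for unexpected SMTP senders."""
    seen = defaultdict(set)  # (src, window_start) -> distinct destinations
    for ts, src, dst, port in flows:
        if port == SMTP_PORT and src not in allowed:
            seen[(src, ts - ts % window)].add(dst)
    return sorted(
        (src, start, len(dsts))
        for (src, start), dsts in seen.items()
        if len(dsts) >= min_destinations
    )


if __name__ == "__main__":
    for src, start, count in smtp_outliers(parse_flows(SAMPLE_FLOWS)):
        print(f"{src} contacted {count} mail servers in the hour from {start}")
```

Counting distinct destinations rather than connections keeps a host that retries one mail server from being flagged, while the allow-list keeps the legitimate relay out of the results.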

Law enforcement agencies and even large tech companies have made significant efforts to combat botnets, but even that hasn’t stopped them from spreading. Every time one botnet is eliminated, more seem to spring up. Becoming more aware of the threat and taking measures to prevent infection is the surest way to maintain data security and control over computers.

Bot herders like to take advantage of weaknesses in the armor, so to speak, so ensuring the armor is strong will deflect any attempted attacks.