All you need to know about botnets


We’ve all seen movies like Eagle Eye and Terminator Genisys, or read one of the myriad sci-fi books that suggest computers will one day take over the world – and then we dismissed the notion as being unrealistic or far from the truth. But with our lives become more and more connected, new possibilities and vectors arise for hackers with malicious intents to target our lives, if not necessarily in the manner that is depicted in the movies. They don’t need to run a SkyNet or Genisys network to have an army of evil robots at their command – they can conscript thousands and millions of mindless connected devices to their botnets, and force them to do their evil bidding.

What are botnets?

A botnet is an army of connected computers and devices, infected with a malware that enables a “bot herder” to remotely control these devices without their rightful owner’s consent or knowledge. The herder can use the botnet to carry out a wide range of malicious activities, including the exfiltration of sensitive information such as credit card numbers and banking credentials, launching DDoS attack against target web sites, delivering spam and malware to unsuspecting victims, staging click fraud campaigns, or carry out multiple-node brute force attacks to crack passwords.

How much damage are botnets inflicting?

Botnets are nothing new and have been around for more than a decade, and by some accounts, since 1988. Estimates place the losses inflicted victims by botnets to be around $110 billion annually, with about 500 million computers enlisting in evil zombie botnet armies every year.

Today, botnets have become the source of a lucrative and profitable of business for their masters, earning them millions of dollars through cyber-criminal activities. For instance, Coreflood, a popular botnet that was stopped in 2011, was 2 million-machine-strong, and had amassed 190 gigabytes of data and looted millions of dollars from its victims.

Botnets have become so popular among large scale cybercriminals that bot herders are now delving into classic mercenary business and are renting their botnets to other attackers who want to carry out DDoS and data-theft operations (something like the cyber version of the Unsullied of Astapor, if like me you’re a fan of George R. R. Martin’s A Song of Ice and Fire). The Bredolab botnet, which was developed in 2009 by a Russian hacker and expanded over 30 million machines, earned its owner $125 thousand a month from renting it to other criminals.

What efforts are being made to stop botnets?

The feds and giant tech firms have tried to deal with botnets in earnest since 2007, though the methods employed had not been without their own set of controversies, including hacker-like and rash tactics, which in some cases have had adverse effects on uninvolved parties.

But in tandem with the efforts of the government and tech firms to take down botnets, botnet engineers have not remained idle and are using more novel and sophisticated techniques to grow and protect their botnets. One stark example is the Confickr worm, one of the most famous and uncannily ingenious botnets that has eluded cyber security experts for years and remains a mystery to this day. The worm started spawning in 2008, taking ownership of more than 12 million machines, and it still continues to breed and expand today. In 2011, a $72 million cybercrime ring was busted, which had been using Confickr, though it never became clear if the criminals were behind the spread of the original worm or not.

The future of botnets

Despite many successful attempts at taking down botnets, there’s no sign of their multiplication being slowed down, and while you were reading this article, hundreds of other zombie computers silently joined the rank of some evil botnet warlord (I dearly hope yours wasn’t one of them). What’s more, with the chaotic spread of the Internet of Things, and the many security risks and flaws that it trails behind, the prospects are becoming grimmer for security firms and brighter for bot herders, who will have billions of new devices to rally to their cause.

How do I protect myself

For the most part, following basic security best practices, including installing a good anti-malware software along with new updates and patches on should be enough to protect your PC and handset. As for the IoT, investing in one of many smart security devices to protect your home will help a lot to prevent your connected devices from being hijacked.

As for the rest, keep your fingers crossed, hold your breath, and hope the situation doesn’t spin out of control to become the realization of one of those horror sci-fi movies.


Leave a Reply to How IoT security can benefit from machine learning – Get Your Geek FixCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.