BOTNET ATTACKS: Are You Vulnerable?
How easy is it to take over hundreds of thousands of computers, and enslave them in a botnet that could be used by hackers for malicious purposes? Not so hard, it turns out. The shocking truth is that the tools to create and operate botnets are cheap and readily available to malevolent miscreants. Read on to learn how to detect and defend against botnets, and some really good news about “Operation Avalanche” ...
What is a Botnet?
Perhaps you've read warnings about your computer getting caught up in a botnet, but you don't really understand the danger. I'll explain in simple terms what a botnet is, how it can affect your computer, and how to avoid getting caught up in one.
A botnet is a collection of ordinary home and office computers that have been compromised by rogue software. The term "botnet" is short for "robot network" and describes the situation rather well. Computers that have been caught up in a botnet have been effectively taken over, and can be used to perform almost any task by the person or persons who control the botnet. Botnets are controlled by cyber-criminals whose motives include selling products, operating financial scams and crippling websites through coordinated attacks.
Should you be concerned about botnets? Yes, because botnets operate silently, and your computer may be affected without you ever suspecting it. Botnets are everywhere. It is estimated that over 30 million "zombie" computers are unknowingly caught up in these networks that distribute spam, steal personal information and participate in denial of service attacks.
Botnets are carefully planned to spread via viral infections and other malicious software. They use email, social engineering, P2P (peer to peer) networks, and other techniques to spread to other computers. Once your PC is infected, it may attempt to spread the botnet code to others on a local network in a home or office setting.
In the past, botnets were most often used to spew massive quantities of spam, which is where most of the "enhance your body part" offers and phishing scams come from. More sophisticated botnet attacks can be used to gather sensitive information from businesses, political groups or governments. Recently, botnets have been used to harness the power of thousands of networked devices in distributed denial of service (DDoS) attacks that can cripple a target website for days, just by flooding it with meaningless requests. My recent article Attacking the Internet is Now Child’s Play describes how journalist Brian Krebs' website was taken offline by the Mirai botnet.
These attacks can be hard to defend against, because the attackers (which can be computers, webcams, DVRs, or even baby monitors) are spread all over the Internet. And when an "attacker" is identified, it's just some guy in Podunk who failed to secure his gadget with a password, and had no idea he was involved in a global crime spree.
Bots can also be used as agents for mass identity theft. This happens through phishing emails that appear to be from a legitimate company in order to convince the user to submit personal information and passwords. Be especially wary of emails claiming to be from eBay, PayPal, banks or the government. Never click on email links to access these sites -- always use your bookmark or key it in directly.
The Good Guys Are Gaining
Fortunately, in the past few years, law enforcement and computer security companies have had some success in tracking down and neutralizing some of the most notorious botnets. In March 2010, the FBI and authorities in Spain busted the Mariposa botnet (over 12 million computers) and arrested the people behind it. In 2011, Microsoft and Kaspersky combined to neutralize the Rustock and Kelihos botnets. In 2012, the Grum botnet, which was spewing 18 billion spam messages a day, was taken down. In 2013, Microsoft and Symantec teamed up to defeat the Bamital botnet, which was hijacking the web searches of over 8 million users.
Most recently, one of the largest and most notorious botnets was busted through the cooperation of cybersecurity experts and law-enforcement authorities in 30 countries. Over 800,000 internet domains associated with the botnet have been taken offline in “Operation Avalanche.” This botnet was used to launch global malware attacks by sending over a million malicious emails every week, for at least four years. In Germany alone, authorities say there were millions of computers infected. The Avalanche botnet was able to steal email and online banking credentials, and could transfer money from the victims’ accounts.
How to Avoid Botnets
You are most likely to get sucked into a botnet if you do these things:
- Fail to secure your router and wifi with a unique username and password. (See my Wireless Network Security Checklist for details.)
- Fail to secure your software. (See Computer Security: The Missing Link.)
- Click on dubious links in spam emails or shady websites.
Use good security practices outlined in the links above, and avoid suspicious emails, especially unexpected messages with subject tags related to holidays, celebrities or current events. Watch out for phishing scams, never click on (or buy!) anything advertised in a spam email, and when in doubt, just don't click.
How to Detect and Remove Botnet Infections
It's difficult to detect if your computer has been caught up in a botnet, because the software that's implanted is designed to operate in stealth mode. If you notice that your computer is sluggish, that *may* be a sign that you are affected. But in general, if you have been affected by a botnet, you've got some sort of malware infection. Install good anti-virus and anti-spyware software (refer to the links above), and it should detect, take care of, or prevent the problem. For extra peace of mind, try the Norton Power Eraser, which specializes in rooting out difficult-to-detect crimeware that other antivirus tools may not detect.
Have you had experience with a botnet on your computer? Post your comments and questions below...
This article was posted by Bob Rankin on 6 Dec 2016
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- BOTNET ATTACKS: Are You Vulnerable? (Posted: 6 Dec 2016)