News about internet crimes often mentions ‘bots’, ‘zombies’, and ‘botnets’. It’s not hard to figure out from the context that these are computer or network security threats. But what exactly are they and how do they work?
A ‘bot’ is a type of malicious code that allows an attacker to take complete control over the affected computer – turning the computer into a ‘robot’ that the criminal can remotely control. Once infected, these machines may also be referred to as ‘zombies’.
While taking over one computer is useful, the real value comes from collecting huge numbers of computers and networking these so they can all be controlled at once (a botnet). There are between 100-150 million computers worldwide (out of 600 million PCs on the Internet) infected with bots and under the control of hackers. These computer owners unwittingly put everyone at risk, and most would be shocked to learn that the spam you’re receiving is coming from thousands or even millions of computers just like (and including) theirs. Frankly, failing to adequately protect your computer is socially irresponsible. Click here to learn how to protect your computer.
Now, the way criminals make money from connecting all of these computers is twofold:
- Criminals can use the botnets themselves. This may be to send spam, phishing, or other scams to consumers that will earn them money. They may use them to create denial of service (DoS) attack that floods a service or network with an crushing amount of traffic to severely slow down the networks ability to respond or entirely overwhelm it and take it down. The revenue from DoS attacks comes in the form of extortion (pay or have your site taken down) or through payments by other groups with interest in inflicting damage. These groups include “hacktivists” — hackers with political agendas and foreign military and intelligence organizations. In 2008 several ISP’s reported multi-hour outages of their services due to advanced DoS attacks according to research by Arbor Networks.
- Criminals also rent out their botnets to other criminals for the same exploits as they use the botnets for themselves.
Here’s an attempt at illustrating botnets are created:
If you have not installed security software and ensured that it is turned on, and kept up-to-date your machine is likely infected with all kinds of malicious software, including bots. The best protection is to run anti-virus and anti-spyware programs diligently and to install every patch that your operating system makes available. Set your computer up to run these automatically for the best protection.
Even with the most up-to-date protection tools, there is still some risk because the developers of malware are always looking for new ways to get around security measures, and your own actions may put you at risk. One common user risk is through downloading content from unknown sites OR from friends that don’t have up-to-date protections. The intent may not be at all malicious, but if content comes from an unprotected computer it may well be infected and by downloading the content you bring the malicious code past your security checkpoints. Interacting with others who have not protected their devices increases your risk.
Watch for symptoms like odd changes in settings, or your computer becoming really slow or crashing for no obvious reason. If these occur, take action. The cause may not be a bot, it could be another form of malicious software that causes the same symptoms, but they are clear indicators of trouble. If you experience these, check to be sure you have the latest operating system updates, and that your anti-virus and anti-spyware programs are updating properly, then run a new scan of your computer. You may want to use a second spyware tool (many, like Ad-Aware offer free versions)
Don’t contribute to this problem. Ensure you have adequate protections today.