Every time I hear the term “botnets,” I picture Frenzy from the Transformers universe. In case you can’t immediately picture him, he is a very twitchy little guy who gibbers to himself. His main purpose is to wreak havoc and spy on the humans and to report back to the Decepticons, who, by the way, are the bad guys in the Transformers universe.
So why do I picture Frenzy in all his sneaky single-mindedness? Well, it is because the bots of the botnet are a lot like Frenzy. Their main job is to steal data and wreak havoc. And, in fact, they report all the data that has been stolen back to a central computer known as the Command and Control Server (C2) just as Frenzy would report all his findings back to the Decepticons. A botnet just means that all these bots are working together across multiple machines. Botnet is really just short for “Bot Network.”
Botnets are deployed by cybercriminals, and the bots are installed on a computer through phishing attacks or other means that trick users into installing trojans on their systems. (See, once again the bots remind me of Frenzy, especially the scene in the first Transformers movie where he took the form of Mikaela’s phone and used his disguise to spy on her and Sam.) Originally botnets were used to coordinate Distributed Denial-of-Service (DDoS) attacks. A DDoS attack uses multiple systems to attack a single targeted system to overwhelm it and take it down. By using a botnet, cybercriminals could use the computers of innocent users to implement the DDoS attack. Over time, botnets have become more sophisticated and learned to gather data from the systems they are installed on. They can grab credentials you have stored in your browser’s password manager, scan for particular file types, read your browser cookies, steal your bitcoins and so much more. They will quietly sit there, like Frenzy hiding in Mikaela’s purse pretending to be her phone, gather all the information their sneaky little hearts desire, and then report it all back to the C2, the Megatron of the cybercriminal world.
All this data translates into money for the cybercriminals and they can control up to a million bots in a single botnet. They are out there and they are trying everything they can to infiltrate your systems.
So how do you protect your data and your systems from these sneaky little bots? The top three steps you can take are:
- Install antivirus/antimalware software - Ensure that not only is this protective software installed but that it is configured correctly and is kept up to date.
- Stop and think before you download anything - Check any emails that ask you to click on links or download something. Are there odd spellings? Does the email match the sender name? And, remember, free software can come with a steep price (i.e., hidden malware).
- Constantly educate yourself and those around you - The bad actors are always coming up with new ways to trick us. During COVID-19, there have been numerous phishing scams promising COVID-19 cures or vaccinations. You need to be aware of what the bad actors are up to so you can protect yourself against them.
The bottom line is we must remain vigilant against attacks. With cybercriminals using technology like botnets to automatically perform their attacks for them and gather our valuable information, we are facing a formidable foe. Identity theft happens because these botnets are stealing people’s personal information (and in case you didn’t know, it is Identity Theft Awareness Week). Individual awareness will keep us alert and responsive. Like the Decepticons, they can be anywhere, so it is crucial that we develop solutions that will automatically detect infiltration of these bots and counteract the destructive and insidious actions of the botnets.