Botnets 101: What They Are and How to Avoid Them
Last month, the head of an international securities fraud ring was sentenced to federal prison for manipulating stock prices by using botnets to distribute spam promoting those stocks. And several months ago, 10 members of an international cyber crime ring were arrested for using botnets to steal more than $850 million after obtaining personal financial information from compromised computers.
The use of botnets is on the rise. And industry experts estimate that botnet attacks have resulted in the overall loss of millions of dollars from financial institutions and other major U.S. businesses. They’ve also affected universities, hospitals, defense contractors, law enforcement, and all levels of government.
What exactly is a botnet? A bot, or web robot, is an automated malware program that scans blocks of network addresses and infects vulnerable computers. A network of these infected computers—numbering in the hundreds of thousands or even millions—is called a botnet (robot network), and each computer becomes connected to a command-and-control server operated by the criminal.
Once the botnet is in place, it can be used in distributed denial of service (DDoS) attacks, proxy and spam services, malware distribution, and other organized criminal activity. Botnets can also be used for covert intelligence collection, and terrorists or state-sponsored actors could use a botnet to attack Internet-based critical infrastructure. They can also be used as weapons in ideological campaigns against a target to instigate fear, intimidation, or public embarrassment.
Your personal computer could become part of a botnet—it only takes one wrong click for you to download malicious code. For example, you might get an unsolicited e-mail promoting a dating website or a work-at-home arrangement or an e-mail that appears to come from your bank containing a seemingly harmless link. You could be sent a link by a friend asking you to view a great video (which was actually sent because the friend’s computer is already infected). You could see a link on a webpage that seems to be soliciting donations for a recent tragedy. And you might even visit a fraudulent website—or a legitimate one that’s been compromised—and download video, pictures, or a document containing malicious code.
Once the malware is on your computer, it’s hard to detect. And in addition to your computer being commanded to link up with other compromised computers to facilitate criminal activity, the bot can also collect and send out your personally identifiable information—like credit card numbers, banking information, and passwords—to the criminals running it. Those criminals will take advantage of the information themselves or offer it for sale on cyber criminal forums, and you could find yourself being victimized…again.
The FBI—with its law enforcement and private sector partners—has had success in taking down a number of large botnets, most notably Coreflood. But our work is never done, and by combining the resources of government and the private sector—and with the support of the public (see sidebar on protecting your own computer)—we will continue to improve cyber security by identifying and catching those who threaten it.