Women's Society of Cyberjutsu – Cyber Security For All
Today we are going to be talking about botnets. You might have heard about bots in the news or from a friend. Not all bots are created equal. There are good bots and there are bad ones. The good ones, like chatbots help businesses with common customer service activities such as answering common questions. Other types of bots scrape the internet and buy alert you when an event happens. For example, there are bots that update Covid vaccine statuses and notify you when an appointment becomes available. But, do not be fooled, there are bots that are bad. Botnets are the specific type of bad bots we are going to be discussing today.
What is a botnet
According to Kaspersky, a botnet comes from the words robot and network. These bots, take over your devices, usually without your consent, and then go and do something on the internet. Most of the time, they perform malicious attacks such as stealing data, causing servers to crash, or distribute other malicious software. Like an invisible virus, users are usually unaware that their devices are being used for malicious activities.
How are botnets used
Botnets are a tool that hackers use to help augment the damage of their attacks. An attacker only has so many finite resources, but if you can build an army of devices to help you in your attack, well then you got something big brewing. It all starts with a bot herder. This person is orchestrating the attack and begins to create and distribute bots. The bot herder will distribute the bots and infect other computers which become zombie computers. This is why it is so important that you do not fall to social engineering attacks such as phishing scams or giving up your password to your computer. Once your computer is infected with a bot, it can be controlled by the bot herder. Your computer will operate mindlessly, without your consent and sometimes without you even knowing. When the bot herder is ready to activate the bots, he does so remotely. The bots mobilize and carry out their programmed attacks.
Should you worry about botnets
Botnets are a different kind of malware that can cause some serious damage. You might become a victim of a botnet attack, or you might become an accomplice. Either way, you should try to stay away from botnets as much as possible. Identifying social engineering attacks can be tricky, but the best way to avoid falling victim to a botnet attack is to practice safe internet browsing tips and tricks. Never download anything you do not trust or recognize. Challenge every email that comes with attachments or that asks you to visit a website to install something. Scammers might even try to call you and convince you to go to your computer to download some software so they can help walk you through a process. There are many different tactics an attacker can use to get a botnet installed on your computer. Being vigilant and aware of their tactics is just one way to combat this.
And it’s not just your computers that can be used by botnets, phones, infrastructure hardware, Internet of Things devices can all serve as a host to a botnet. Basically, if it can connect to the internet, it can be used. This is why, if you listen to some of my earlier podcast episodes, I urge you to change your default passwords and usernames. Any device, smart home devices, routers, cameras, can be utilized to aid botnets.
How to protect yourself
As scary as these botnets are, there are a few things you can do to protect yourself. First, if you haven’t already, change the default passwords of your connected devices. Make sure you use a strong password (I have an episode on that as well). Make sure you are buying devices from trusted vendors. I mentioned this before in a previous episode, but when you buy cheap devices, you are buying compromised security. Be careful with email attachments. If you didn’t request something from someone, do not download it. An updated anti-virus will help keep you safe against known botnet attacks. And finally, never click on any links in messages that you receive. This can be via text message, social media DM’s, emails, etc. If you receive a link, make sure you are soliciting the link. Links can take you pretty much anywhere on the internet and hackers use malicious links to send you to malicious places where you’ll then obtain malicious software. Once a botnet gets on your machine, it is very difficult to stop. Always be on the defensive and be vigilant for malicious attempts against you and your devices.
There you have it. Your botnet 101 guide. I hope you take my advice here and go protect yourself. Be careful when you click on links on the internet. Make sure you trust the sender and keep your passwords updated and safe. Botnets are out there, stealing information from unsuspecting victims. Do your part and do not offer up your devices to botnet hackers.