- Gmail’s email filtering may affect what candidate emails you are seeing 3 Years Ago
- Woman shares aftermath of domestic abuse: ‘This is only to raise awareness’ Today 10:40 AM
- Skai Jackson gets restraining order against Bhad Bhabie after death threat Today 10:19 AM
- Taylor Swift shades Scooter Braun in ‘The Man’ video Today 10:15 AM
- Porn stars are lining up behind Bernie Sanders Today 10:10 AM
- YouTube mom says she ‘beat’ her 2-year-old daughter for ruining her makeup kit Today 10:02 AM
- Ajit Pai’s net neutrality victory lap comes as his own repeal is under review Today 9:20 AM
- Alissa Violet is in Italy—and fans are worried she’ll get coronavirus Today 9:19 AM
- Bernie or Barry? Garth Brooks’ Sanders jersey sparks online panic Today 8:42 AM
- Netflix series ‘Followers’ is a visual treat—but lacks a clear narrative Today 6:00 AM
- Influencer got trapped under ice for TikTok clout, ‘came close to dying’ Thursday 7:59 PM
- #BernieBruh puts new spin on ‘Bernie Bro’ label, showcases support among Black voters Thursday 6:58 PM
- Camila María Concepcíon, trans activist and Netflix writer, dies at 28 Thursday 5:46 PM
- Chrissy Teigen calls out fan who made weird comment about her daughter’s feet Thursday 4:57 PM
- TikTok’s ‘clean queen’ says videos are helping her figure out ‘adulting’ Thursday 4:12 PM
Your smart TV, fridge, digital video recorder, computer or printer might be a member of a secretive cybercriminal army, carrying out the commands of an evil cyber-warlord wreaking havoc across the internet. And those armies, called botnets, have enough firepower to shut down a considerable portion of internet services at the same time.
Here’s a quick rundown of what botnets are, why they’re so dangerous—and what you can do to protect yourself.
What is a botnet?
A botnet is a network of devices compromised by a malware the enables cybercriminals (called bot herders) to remotely command them without their real owners’ knowledge or consent. Bot herders control their botnets through command-and-control servers and employ them for various kinds of attacks.
The most common use for botnets is distributed denial-of-service (DDoS) attacks, in which the bots are commanded to flood a website or server with a very large number of simultaneous requests in order to overload and shut it down. Other uses for botnets include stealing financial information, or conducting massive click-fraud campaigns.
Botnets have been around for decades, as far back as 1988, when the Morris worm was unleashed. However, in recent years, they’ve turned into a major threat that accounts for billions of dollars in losses to their victims. Some of the most damaging cyberattacks of the past year were conducted by botnets, including the internet blackout of Oct. 21, 2016, which was caused by the Mirai botnet. An estimated 500 million devices become infected with botnet malware every year, amounting to 18 victims per second.
- The best free VPN to maintain your privacy online
- How to protect yourself against ransomware
- 10 reasons you need to ditch Chrome for the Opera browser
- The best free antivirus tools for Windows and Mac
Why are botnets such a problem now?
One of the major reasons that have contributed to the rise of botnets is the growth of the so-called internet of things (IoT). There are now billions of IoT devices connected to the internet, and they are generally more vulnerable to attacks than general computing devices such as desktop and laptop computers. Bot herders often find vulnerable devices by running a simple query in Shodan, the search engine for internet-connected devices, which has also become one of the favorite tools of cybercriminals.
Botnet owners not only use their zombie army for their own evil deeds, but also rent them out to other attackers to conduct DDoS or information theft. In 2009, the developer of the Bredolab botnet, earned an average $125,000 per month by renting access to his network of compromised computers to other attackers. More recently, the creators of Mirai offered to their botnet for $7,500 per hour, which could be used to launch 1 terabit/second DDoS attacks.
How can I protect myself from botnets?
What makes botnets especially dangerous is that in most cases, devices become infected with the malware without their owners ever taking note. Your computer might be instrumental in a cybercrime without you ever taking note, aside from slightly slower performance or an unusual increase in internet traffic, symptoms that most average users will not investigate. This is even more accentuated in the case of IoT devices, which are often installed and forgotten.
However, here are some things you can do to prevent your devices from becoming secretly involved in cyberattacks.
- Keep all your software, hardware and firmware up to date with the latest patches. That includes your connected appliances. Most botnet masters find their targets by searching for devices with unpatched vulnerabilities and inflicting them with malware.
- Change factory settings, especially on smart devices, which usually have default passwords and device names. Botnets often scan the internet for devices with unchanged factory settings to compromise them. While you’re at it, avoid weak passwords as well, because they can easily be cracked by brute force and dictionary attacks.
- Don’t leave unnecessary features and network ports open on your software and devices. Reducing your attack surface will make you stronger against attackers.
Ben Dickson is a software engineer and founder of TechTalks. His work has been published by TechCrunch, VentureBeat, the Next Web, PC Magazine, Huffington Post, and Motherboard, among others.