Everything you need to know about botnet protection
Threat researchers at TXOne recently discovered more than one billion botnet attack attempts have happened globally since early 2019. They also found the USA is the most targeted country with 316 million attacks. While this is a common and growing threat, botnets can be prevented with the right knowledge and tools.
In this article:
- What is a botnet
- Common types of botnets
- What devices can be attacked
- Signs you’re in a botnet
- How to prevent botnets
- Software to prevent botnets
What is a Botnet Attack?
Botnet is short for Robot Network. Cybercriminals use botnets to instigate an attack to perform some kind of malicious activity such as data leaks, data theft, financial theft and spam.
Once a device has been penetrated by a malicious software referred to as malware, and the criminal has taken control, that compromised device becomes known as a ‘bot.’ Often users are unaware of a botnet affecting their network.
Often cybercriminals will try to take control or infect thousands, and sometimes millions of devices known as a ‘zombie network’ or ‘bot-network’. Sometimes these criminals will sell these networks to other criminals to operate large-scale crime campaigns.
What is a botnet used for?
Cybercriminals will use botnets for things like:
- Financial theft
- Informational theft – access to sensitive or confidential accounts or research.
- Extorting services: Taking services or websites offline and extorting the organization for money to stop the attack
- Cryptocurrency scams: to mine for cryptocurrency
- Selling access to other criminals: Sometimes larger criminals will buy several botnets for larger scale crimes.
Common Examples of Botnet Attacks
Many are already aware of email spam or phishing, yet it remains the largest type of attack to date. This type of botnet attack is when a user receives an e-mail message that appears to be from a person, but is actually spam or a malicious software. Sometimes this type of botnet will spread and recruit more computers to the botnet.
Distributed Denial-of-Service (DDoS) Attacks
DDoS attack is when the attacker overloads a server in an attempt to crash a website. This renders the site or service inaccessible to its intended user. The attackers will then extort payment in exchange for ceasing the attack.
This is a type of software which sends information to the attacker about a user’s activities. Typically these attacks target passwords and credit card information. In fact, the infamous ZeuS botnet is thought to have been responsible for stealing millions of dollars.
These can be more dangerous for organizations. Smaller botnets are designed to compromise what the attacker views as highly valuable beit research, customer information or financial data.
What Devices Can be Hacked?
Most people understand that traditional computers, web servers and mobile devices can be hacked, but fail to remember that so can security cameras, smart TVs, wearable devices like smartwatches or fitness trackers. Essentially, any device that is connected to the internet is vulnerable.
How Does a Device Become Infected?
Botnets rely on finding unprotected or outdated security products including firewalls and antivirus software. Once found, an infected device will connect to other infected devices to form a network. The goal of the cybercriminal is to infect as many connected devices as possible, and to use the computer power and resources of their devices for tasks that generally remain hidden to the users of the devices.
Botnets spread through code. Sometimes the code will get there through what the industry calls a ‘trojan horse.’ This can appear when a user opens an infected attachment, clicks on a popup ad or downloads dangers software or files. Other times, websites will install software without asking permission.
Six Signs You’re In A Botnet
- Your computer fan kicks into overdrive even when you’re not using it.
- Your device takes a long time to shut down or won’t shut down properly.
- Your device is running painfully slow. Botnets typically drain computer resources.
- Your family or friends received an email or a social media message from you that you didn’t send out. Often people will mistake this as your email or social media account being attacked instead of your device.
- Higher electric bills: It doesn’t matter if your device is turned off, it can be turned back on when it’s time for the criminal to launch their campaign.
- You cannot download operating system updates and you cannot download antivirus software updates. Malware tries to prevent antivirus software from running or being installed so an inability to update your antivirus software is a pretty strong indicator.
How to Prevent Botnet Attacks
Often people who work in cybersecurity use the popular sports analogy “the best defense is a good offense.” There are many ways to prevent a botnet attack, but here are the easiest most common prevention tactics everyone should do.
1. Use Strong Passwords and Improve Existing Ones
It’s tough to remember so many passwords, but using the same “Password123” is leaving your devices vulnerable. Be sure to use more complex and long passwords that use a mix of numbers and symbols and update your passwords on devices you might forget about like your fitness tracker, SmartTV or anything else connected to the internet.
2. Update Your Software to the Latest Version
When your device offers you a new software update, don’t just click “remind me later.” The most commonly exploited software are browsers, Adobe Flash, Adobe Reader and Java. Ensure those ones are updated can lock out 65% of attacks and it’s free to do.
3. Don’t Download or Open Files from Suspicious Sources
This may seem obvious to some, but email phishing is still the most common botnet attack to date. Even more knowledgeable users sometimes fall for this trick if the bait appears to come from a family member or friend. If you receive a link or file that you aren’t expecting, be sure to check with the sender before opening.
Ensure Websites You Visit Have a Lock Symbol
Google Chrome offers a lock icon beside the hyperlink. Ensure this lock sign is on when doing any banking or visiting a website that requires discretion.
Use Antivirus Software and Ensure It’s Updated
A strong firewall helps to protect your devices against threats. Here’s what to look for:
- Be sure to invest in a product that covers all your devices, not just your computer.
- Purchase from a reputable source. Avoid online ads that are telling you your computer has been infected which are often malware in disguise.
- Sometimes a bot code will deactivate your antivirus so ensure your software is activated, updated and set to the maximum security setting.
Software to Prevent Botnet Attacks
There are free services out there from reputable companies, but often their services are limited. Avoid popup ads for free antivirus software which are often malware attacks. It’s important to invest and here are a few options:
- DataDome botnet detection and prevention
- Kapersky Total Security
- Microsoft Defender
- Trend Micro