What Is a Botnet?
Robot armies on attack may sound like science fiction, but this is a security reality we’ve been facing for some time. You may have heard of recent threats where popular websites were knocked completely offline, or servers were forced to mine for cryptocurrencies by giant “botnets”. But you might not have known exactly what a botnet is, and how the devices in your home could easily become part of one.
A botnet is a collection of connected devices, or “bots” (short for robots), that are infected and controlled by malware. These devices could include your PC, webcam, or any number of connected appliances in your home. The cybercriminals who distribute malware to create botnets are generally looking to use the combined computing power of all the infected devices to launch much larger attacks.
Take, for example, the Mirai botnet, which infected millions of consumer devices such as IP cameras and home routers to launch a distributed denial of service attack that was able to cripple major websites such as Netflix, Twitter, and Reddit. Mirai took advantage of the low-level of security on most home connected devices. All the malware had to do was guess a password—many of which are known factory defaults—to seize control.
Botnets have been around for a long time, with the first instances recorded in the early 2000s as a way to send massive amounts of spam emails. But these days cybercriminals are eyeing the huge computing potential of millions of IoT devices to create botnets that can launch targeted attacks, or make money.
Some large botnets have become money-making enterprises unto themselves, with cybercrooks reselling their resources to users who want to launch their own attacks, say against online gaming rivals.
But, no matter what a botnet is used for there are a number of reasons why you don’t want your computers and devices to wind up as part of a nefarious network. Botnet malware can significantly slow down your computer or device, and keep it from functioning properly. In the case of computers, this slowdown can potentially keep you from downloading critical security updates, leaving you at an even greater risk for data theft. The malware can also be used to spam your friends and contacts in your name, and launch attacks against other networks, all without your knowledge.
Follow these important tips to keep your devices from joining the botnet army:
- Change Device Passwords—The first thing you want to do when you get a new IoT device is to change its default password, making it much harder for a potential attacker to gain access. Check your user’s manual for security settings. If the device has little or no built-in security, consider investing in more secure devices.
- Keep your software up-to-date—This goes for both computer software and device firmware. Manufacturers regularly release software updates that can protect you from known vulnerabilities, so you want to make sure that you are always running the latest versions.
- Always Use a Firewall—Firewalls monitor traffic between your Internet connection and your devices to detect unusual behavior. Even if one of your devices is infected, a firewall can keep a potential attacker from accessing all the other devices on the same network. Firewalls are often included in comprehensive security software, ensuring that all your computers and devices have protection.
- Setup a Separate IoT Network—Instead of putting all your IoT devices on your regular home network, consider setting up a guest network that doesn’t share access to your other devices and data. Check your router manufacturer’s website to learn how. Or, consider getting a router with built-in security features, making it easier to protect all the devices in your home from one access point.
- Practice Safe Surfing—So called “drive by” malware, which can infect your device simply by visiting a compromised website, or clicking on a dangerous ad, is being increasingly used to create botnets. In fact, millions of websites are now thought to be infected with crypto-mining malware. That’s why it’s important to be careful where you click. Make sure that you are using antivirus software, and that you enable ad blocking.And to prevent your computer from being infected with crypto mining software specifically, you may also consider installing a browser extension such as Chrome’s No Coin, or Opera for Android. Both actively block coin miners.