Cybersecurity Services, IT infrastructure management
Sep 13, 2017

Internet bots - Boon or Curse


You want your television to read your emails, you want your camera to upload pictures straight to your social media accounts, you even want your car stereo to fetch your contacts and make the necessary calls but are you aware of the uninvited friends you are making in the process of being overtly technology friendly?

A little over one and half decades back, hackers intruded into personal space from centralized systems via Botnet. What has changed since then is the size, intensity and reach of these botnets that has grown four folds if not more. All thanks to the umpteen devices we use that are armed with internet. All these gadgets in the ‘Internet of things’ are the worst enemies, Gen Y has made. They can leave you broke, isolated and exposed and you’d not even know till they want you to.

What is a Bot? According to Wikipedia, “an Internet bot, also known as web robot, or simply bot, is a software application that runs automated tasks (scripts) over the Internet” whereas a botnet is defined as “a number of Internet-connected devices, each of which is running one or more bots.” Botnets have become one of the most effective weapon in the hacker society’s armory and is increasingly being utilized to perform a wide assortment of assaults including spreading malwares, stealing data, sending spams, DDoS (distributed denial-of-service) attacks to even controlling the end-devices.

One of the most popular botnets, “ZEUS”, was widely used to steal banking and credit cards information and is estimated to have impacted over 4 million end-user devices in the US since 2009. Another dreadful example of botnet attack is the “2016 Dyn cyberattack” where hackers targeted Dyn, one of the world’s most reputable DNS provider, and shut down over 70 websites including Amazon, Twitter, BBC for a few hours, resulting in revenue and sales losses of more than $100 million.

You must be wondering does this all end with money? Are hackers stacking insane amounts of wealth? Is that all they are looking forward to? Well, the answer is no! The brains and hands behind the attacks do not always have similar motivations. Some might use them for financial gains, whereas political groups might use them to silence the websites that are not aligned to their ideals and so on.

Such attacks leave people thinking if the best solution is to run everything offline, reducing chances of Botnet creation. However, unfortunately that isn’t an option for most of the internet companies and users. Also, simply logging off from the internet is not enough to prevent Botnets. Botnets, most often, remain active until owners dispose their devices, which is rare as most often they are not even aware of any malware existence in their systems. It wouldn’t be wrong to say if this massacre in the “Internet of things” continues we’d make the mouse a weapon and head towards a cyber-war. Destruction would follow suit. On-line as well as offline.

Botnet examples have been seen to infect prominent organizations or people leaving ordinary internet users to live under the illusion that they are not on the threat radar. For all one knows, he/she might be part of an active botnet. That’s how omnipresent botnets are and that’s how powerful they are.

So isn’t there a defense mechanism in place? Well once you know a botnet exists, you can attack its command-and-control system. But this was an option when botnets were just stepping into our system and were rare. No longer is it so. However, to place the truth objectively one can definitely opt to secure themselves against the effects of botnets. For instance, they can opt for defense shields that are sold by several companies. But the effectiveness of these shields varies, depending on the severity of the attack and the type of services being bought.

But truth be told we are more likely on the weaker side when it comes to botnets and their creators. This is only the beginning. More dreadful experiences are yet to come.

Disclaimer: The information and views set out in these blogs are those of the author(s) and do not necessarily reflect the official opinion of Microland Ltd.