Updated: Nov 12, 2020
Ever get bothered when someone uses your stuff without asking?
That is what happens when your device is hijacked to a botnet. Botnets, or robot networks, are used in various scams and large attacks to steal data, crash servers, and wreak havoc. Several thousand devices can be used simultaneously on attacks.
How Do Botnets Work?
Remember the advice cybersecurity professionals spewed repeatedly about not clicking links in emails and text messages? Well, it turns out that was sound advice to aid in avoiding this mess in the first place.
You see, it all goes back to malware injected as links in texts, emails, and social media. Your connections don’t mean to pass on the malware just as they didn’t mean to get it themselves. But just as any virus (cyber or otherwise), once it starts, it multiplies and spreads. Unlike a cold or flu, however, this malware won’t go away with time.
Botnets are reused, sold, and reused again and again. Simple automation software
allows a single person or sometimes a small team to operate and control vast amounts of devices.
Devices, as in everything that connects to the Internet: computers, routers, servers, vehicles with Bluetooth, Smart homes including appliances, televisions, security cameras, wearables, cellphones, and the list goes on.
Botnets Are the Workhorses of The Internet
But cybercriminals use it for profit or to cause disruptions in service (DDoS for distributed denial-of-service). When used this way, entire organizations can be halted costing companies in the millions of dollars of lost revenues, fines, and lawsuits.
While this wasn’t related to a botnet that we know of, look at an example of the costs for damages in fines alone to Marriott International Inc. Marriott had acquired Starwood Hotels and Resorts in 2016. Starwood had a breach going since 2014. But Marriott failed to stop the breach until 2018. So, for four years this breach was persistent in collecting data: names, addresses, phone numbers, passport numbers, and even credit card numbers.
Marriott International has been fined $23.8 million for failure to protect the privacy rights of their customers. (That is a considerable amount even though the original fines were $128 million.) It is estimated that 339 million customers were affected.
What Can Botnets Do?
Some of the common ways botnets are used to greatly annoy users are:
Spamming email in-boxes
Generating fake Internet traffic to websites
Web application attacks to steal data
Validating lists of leaked credentials
Pop-up ads to get you to buy fake anti-virus packages
Installing and running applications
The more serious and damaging ways botnets are used, according to Kaspersky
Sabotage of services
Selling access to other criminals
Referencing the Marriott (Starwood) breach mentioned previously, the nightmare does not end here. For the customers, their personal data has already been sold multiple times. Cybercriminals work fast, as they know it is only a matter of time before the information will no longer be available.
Those who act, can stop the bleeding, and save their credit. The sad truth is many
people do not act or wait until things get much worse.
It is important to understand that a botnet can be used for many types of attacks that strike quickly or linger for long term. Proper protection and management solutions are available to businesses and suited for your needs.
To find out more about solutions suitable for your business, contact CyberCulture, LLC today.