Cyber Threats: Battling Botnets

Updated: Nov 12, 2020

Ever get bothered when someone uses your stuff without asking?

That is what happens when your device is hijacked to a botnet. Botnets, or robot networks, are used in various scams and large attacks to steal data, crash servers, and wreak havoc. Several thousand devices can be used simultaneously on attacks.

How Do Botnets Work?

Remember the advice cybersecurity professionals spewed repeatedly about not clicking links in emails and text messages? Well, it turns out that was sound advice to aid in avoiding this mess in the first place.

You see, it all goes back to malware injected as links in texts, emails, and social media. Your connections don’t mean to pass on the malware just as they didn’t mean to get it themselves. But just as any virus (cyber or otherwise), once it starts, it multiplies and spreads. Unlike a cold or flu, however, this malware won’t go away with time.

Botnets are reused, sold, and reused again and again. Simple automation software

allows a single person or sometimes a small team to operate and control vast amounts of devices.

Devices, as in everything that connects to the Internet: computers, routers, servers, vehicles with Bluetooth, Smart homes including appliances, televisions, security cameras, wearables, cellphones, and the list goes on.

Botnets Are the Workhorses of The Internet

You see, not all botnets are used for bad things. For instance, botnets are connected to computers performing repetitive tasks to keep websites going such as chatrooms. They can perform simple tasks faster and better.

But cybercriminals use it for profit or to cause disruptions in service (DDoS for distributed denial-of-service). When used this way, entire organizations can be halted costing companies in the millions of dollars of lost revenues, fines, and lawsuits.

While this wasn’t related to a botnet that we know of, look at an example of the costs for damages in fines alone to Marriott International Inc. Marriott had acquired Starwood Hotels and Resorts in 2016. Starwood had a breach going since 2014. But Marriott failed to stop the breach until 2018. So, for four years this breach was persistent in collecting data: names, addresses, phone numbers, passport numbers, and even credit card numbers.

Marriott International has been fined $23.8 million for failure to protect the privacy rights of their customers. (That is a considerable amount even though the original fines were $128 million.) It is estimated that 339 million customers were affected.

What Can Botnets Do?

Some of the common ways botnets are used to greatly annoy users are:

  • Spamming email in-boxes

  • Generating fake Internet traffic to websites

  • Web application attacks to steal data

  • Validating lists of leaked credentials

  • Pop-up ads to get you to buy fake anti-virus packages

  • Installing and running applications

The more serious and damaging ways botnets are used, according to Kaspersky

Cybersecurity Lab:

  • Financial theft

  • Information theft

  • Sabotage of services

  • Cryptocurrency scams

  • Selling access to other criminals

What Now?

Referencing the Marriott (Starwood) breach mentioned previously, the nightmare does not end here. For the customers, their personal data has already been sold multiple times. Cybercriminals work fast, as they know it is only a matter of time before the information will no longer be available.

Those who act, can stop the bleeding, and save their credit. The sad truth is many

people do not act or wait until things get much worse.

It is important to understand that a botnet can be used for many types of attacks that strike quickly or linger for long term. Proper protection and management solutions are available to businesses and suited for your needs.

To find out more about solutions suitable for your business, contact CyberCulture, LLC today.

30 views0 comments

Recent Posts

See All

Cyber Serious

A new Security breach in the Cyber World occurs fast. It is one of those things that if you blink, you will miss it. By the time we read of the latest breach, another hacker hayride is underway. It is