Have We Been Attacked By A Botnet?

Published On: 22 February 2021 | 3 min read

Our devices are safe, right?  We have installed anti-virus and security software to protect them.

The term “botnet” derives from two words: robot and network.

Using botnets, attackers can launch widespread, remotely controlled attacks on their targets.  Botnets are very versatile and can change within hours.

They attack networks without immediate notice and take advantage of servers, networks, personal computers and mobile devices.  In fact, any computing device that can connect to a network can be targeted by attackers and infected with malware that takes control of the device, even common IoT (Internet of Things) devices such as home electronics or appliances.

Once infected, and commonly without the user knowing, the device is remotely controlled, giving the hackers, known as “bot herders”, access to specific device functions.  Some botnets can spread automatically to other connected devices. They have the ability to self-multiply, log a user’s keystrokes, collect passwords and gather financial information.

But surely these criminals will target specific companies and industries? Wrong!

These hackers use automated techniques to look for vulnerabilities across the internet and their aim is to infect as many internet connected devices as possible.  They can carry out actions from one single access point and often change the behaviour of the device to allow the bot herder control.  Unfortunately, this is often unknown to the user.

We can all be tricked very easily into opening malicious files sent to us through emails, file sharing or social media.  According to research, 91% of breaches start with an email and 94% of malware incidents were delivered by email.

And once the file is opened, the device is infected and the hacker can send commands to it, as to every other infected computer. They then have total control and can change the way the device functions. The hacker now squats inside your device and all those connected to it.

These methods are highly sophisticated and target victims with convincing phishing emails which can lead you into a malware trap.  Often these emails appear to come from a genuine, trusted company or individual and can even purport to be from government departments.  Click on the link and you leave yourself open to attack and the theft of critical personal data.  Not only that, but you have opened up an entire network to the hacker.

Do you know where you will be redirected if you click on the link? 

For cyber criminals, email campaigns are an easy method to deploy malware. Databases provide criminals with the ideal platform for widespread phishing campaigns and there are widespread implications if companies do not protect customer data.  Customers are at serious risk if databases fall into the hands of cyber criminals. In December 2020, UK Subway customers were targeted as part of a phishing campaign, which indicated that cyber criminals had access to customer data from the company.

Common too are ad fraud botnets.  They take over the device’s web browser and direct traffic to specific online advertisements.  They act in stealth mode so as not to be detected by the user.  They are able to generate huge amounts of phoney traffic for ad fraud.

So if it’s that sophisticated, how can we detect and prevent it?  On an individual level it’s hard, because to many users the device appears to be operating normally.

But we can put some practices in place to protect ourselves:

  • Use the latest operating systems
  • Keep anti-virus up-to-date
  • Use 2-factor authentication
  • Don’t open files from unknown sources
  • Don’t click on links that appear suspicious
  • Use a service that indicates where the link redirects you

Don’t let the hacker inside your network!