A botnet is a group of computers infected with malware and controlled by a malicious person. The term comes from combining “robot” with “network,” and each infected device is referred to as a bot. Botnets are created for different reasons, including activism, state-sponsored disruption, and profit. The infecting malware can be used for various illegal or harmful tasks, including spamming, stealing data, or launching distributed denial-of-service (DDoS) attacks. Without the proper updates and layers of security, all devices utilizing the Internet are vulnerable to being recruited into a botnet.
A botnet is controlled by a botnet “herder” – or bot herder – who sends updated instructions to each bot. Botnets can recruit more unprotected devices by exploiting website vulnerabilities, using Trojan horse malware, or cracking weak authentication to gain remote access. The number of bots in a botnet can range from a few thousand to over a million, but it is hard to pinpoint the exact number.
Botnets can be structured in two ways: the client/server model or peer-to-peer model. In the client/server model, bots connect to a centralized server or a small number of centralized servers to receive instructions. In the peer-to-peer model, botnets have no centralized server, making it more difficult to disrupt them.
Internet of Things (IoT) devices – such as appliances and home security devices – are also vulnerable to botnet attacks, as they have weak or poorly configured security, creating an opening for botnet malware to recruit new bots into the collective. Outdated firmware can make it difficult to update IoT devices, so it is essential to ensure that they are up to date to mitigate the risk of becoming part of a botnet. While restorative measures such as factory resets are helpful in dealing with an infected device, it takes more time and money to restore devices than to ensure the proper security is in place.
Looking to learn more? We suggest heading over to Cloudflare’s Learning Center for an in-depth look at botnets.
Share this:
