What are botnets, and how to protect against them?
In today's article, we will talk about botnets, how not to become a victim of their attack ... and how not to become one of them. Without your knowledge, of course. Protection against botnets is possible in both cases. Read the article and learn more!
A botnet, as the name suggests, is a network of bots. In this case, a bot means a device - as a rule, a personal computer. Such a device, infected with a special virus, generates and sends traffic without user’s awareness. An attacker, who hacked or otherwise infected the device, thus turns it into his bot, combines bots into a single network and uses a botnet for malicious purposes.
Since creating a botnet is a much more complicated task than just hack a single computer, hacker and other criminal groups are usually involved in this action. Today botnets are usually used to “mine crypt”. But traditionally a botnet was created in order to conduct DDOS attacks. In simple terms, a DDOS attack is a server crash caused by a mass spam attack, when there are so many calls to the server that it becomes overloaded. Although DDOS protection is developing, this trend also remains traditional for Internet hackers.
Botnet: How the “army” of infected machines becomes bigger?
As a rule, a botnet ‘mobilizes’ old computers from libraries, computer classes in poor schools, post offices in the outback, and similar devices, to which progress comes last. A progress includes modern protection against viruses and hackers. A regularly updated antivirus sometimes protects from viruses, however hacking such a ‘budget’ computer is an easy task even for a novice hacker.
If the antivirus was last updated about five years ago, and the computer goes on the Internet every day, and even under the control of a not very technically advanced employee - such a computer is not just in the risk zone. Most likely, it has long been in the ranks of botnets, because protection against a hacker on such a machine weakens every day, and there appear more vulnerabilities. Having hacked such a vulnerable device, an attacker can do almost anything with it — the possibilities are limited only by his knowledge, fantasy and precautionary measures. Often, when the Internet and / or browser slows down on such a computer, this means not an overload of the operating system. This means that the computer is already in the botnet.
Another category of ‘recruits’ (botnets) are devices from the so-called Internet of Things. These are devices of the ‘smart home’ category — various machines that are connected to the Internet, but they aren’t protected from Internet threats. The level of protection against botnets (more precisely, against being infected and falling into their ranks) of such devices tends to zero.
Botnet: how devices from the Internet of Things replenish it
Devices of the ‘Smart Home’ category are becoming more common ... and cheaper. As you understand, the economy in production means that the level of protection against hackers becomes lower. There are often the simplest passwords and admin accounts, long known to hackers. The users usually do not bother themselves to create a complicated password. Hacking such a device and making it part of a botnet is elementary.
Another aspect of the problem of protection from botnets and the Internet of Things is the behavior of the state machine. It is “unwieldy” and can only produce prohibitions, and we face such a situation not only in Russia! In a seemingly advanced country like Japan, they didn’t come up with anything better than ... just hack the devices of citizens under the pretext of studying the behavior of devices and developing a nationwide defense against botnets. Yes, by default it is suggested to use the factory settings for the connection. But logging into someone else's device under a standard login and password is the same hacking as the selection of an unknown password. It is clear that protection from botnets is a global problem, and since the state claims control over the Internet, it could solve this problem as well. However, the proposed solutions are very controversial and unwieldy.
Yes, the logic of the state can be understood. An unprotected device is a potential member of a botnet. And it is very possible that has already been infected. Will be people pleased if the police open the door to the apartment because it is flimsy or closed with a weak lock, promising in the future, after analyzing the behavior of apartment thieves, to change the door to an anti-vandal one? The metaphor is not so far from the situation with the Internet of Things and protecting from botnets, as it seems at first glance.
Botnet protection: how can you protect your devices?
- Protect your Wi-Fi router with a proxy server and / or VPN, and also replace the regular password with a generated one from a set of numbers, uppercase and lowercase letters. It is better to write it down on a piece of paper and stick it on the router itself.
- If you have devices of the category ‘Smart home’ - disable access to them from the open Internet. Seriously. Your life will not collapse if you don’t check the refrigerator or the kettle from the working office.
- Use antivirus and update it regularly. Yes, on the phone too.
Perhaps, in the future protection of the devices of the Internet of Things from botnets will be better. But today these precautions are necessary. Do not let hackers steal your devices and put them into the ranks of botnets!