Before we attempt to understand Botnets, we need to understand what the IoT is. IoT stands for Internet of Things, a term used to describe a network of interconnected devices.
Now, a Botnet is a network of IoT devices that are infected and controlled by malware.
Users are often unaware of such Botnets lurking in their IoT network. Infected networks are controlled remotely by perpetrators and are often used to send spam email, generate malicious traffic for DDoS attacks, or redirect fraudulent ad traffic to sites and run misleading campaigns.
How does a Botnet affect IoT?
Botnet infections occur through malware such as a Trojan horse. Once it gains access, the Botnet malware automatically scans the victim’s system for entry points, often unpatched vulnerabilities in the system or outdated software.
Once settled in, the malware lies dormant, waiting for the opportunity to spread to other devices on your network. The goal of the Botnet malware is to spread to as many devices as possible. After infecting enough devices, the attacker activates the program and starts to issue commands via either a client-server or a peer-to-peer network.
It’s hard for users to detect Botnet malware because it lies dormant until the attacker activates it. Even when activated, it is programmed to skim off only a little of each victim’s resources, relying on the large number of infected devices, so that it stays undetected. This is one of the primary reasons why it is programmed to spread to as many devices as it can and stay inactive until it has a sizable chunk of resources to deploy.
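The spreading step described above shows up on the network as one device contacting many others in a short time. The following is an added example, not part of the original article, that flags this fan-out in a connection log; the log format, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample connection log: "<ISO time> <source IP> <destination IP> <port>"
SAMPLE_LOG = """\
2024-05-01T10:00:00 192.168.1.10 192.168.1.1 443
2024-05-01T10:00:00 192.168.1.30 192.168.1.2 80
2024-05-01T10:00:05 192.168.1.50 192.168.1.2 80
2024-05-01T10:00:06 192.168.1.50 192.168.1.3 80
2024-05-01T10:00:07 192.168.1.50 192.168.1.4 80
2024-05-01T10:00:08 192.168.1.50 192.168.1.5 80
2024-05-01T10:00:09 192.168.1.50 192.168.1.6 80
2024-05-01T10:00:10 192.168.1.50 192.168.1.7 80
2024-05-01T10:00:30 192.168.1.10 192.168.1.20 631
2024-05-01T10:05:00 192.168.1.30 192.168.1.3 80
2024-05-01T10:10:00 192.168.1.30 192.168.1.4 80
2024-05-01T10:15:00 192.168.1.30 192.168.1.5 80
2024-05-01T10:20:00 192.168.1.30 192.168.1.6 80
truncated line
"""

def parse_events(log_text):
    """Yield (time, source, destination) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        try:
            ts, src, dst, _port = line.split()
            yield datetime.fromisoformat(ts), src, dst
        except ValueError:
            continue  # wrong field count or unparsable timestamp

def find_fanout(log_text, window_s=60, threshold=5):
    """Map each source that contacted >= threshold distinct hosts inside any
    sliding window of window_s seconds to the largest such count."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)  # source -> (time, destination) pairs still in window
    flagged = {}
    for ts, src, dst in sorted(parse_events(log_text)):
        seen = recent[src]
        seen.append((ts, dst))
        while ts - seen[0][0] > window:  # drop events older than the window
            seen.popleft()
        distinct = len({d for _, d in seen})
        if distinct >= threshold:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

if __name__ == "__main__":
    for host, count in find_fanout(SAMPLE_LOG).items():
        print(f"{host} contacted {count} distinct hosts within 60 s")
```

In the sample, 192.168.1.30 also reaches five hosts but spread over twenty minutes, so only the burst from 192.168.1.50 is reported.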
Some notable Botnet attacks
In late 2016, a powerful, record-setting DDoS attack was observed worldwide, which was later traced back to a malware called Mirai. The DDoS was carried out by Botnets primarily consisting of routers and CCTV cameras.
The Mirai malware mainly targeted routers and CCTV cameras since many users failed to change their devices’ factory default passwords.
The Botnet Srizbi, discovered in 2007, was the most massive Botnet infection in the world at that time. It was also the Ron Paul (a ’07 US presidential candidate) spam Botnet. It supposedly sent around 60 million spam emails a day promoting Paul’s run.
It was later shut down by California-based hosting provider McColo when they discovered that the attackers/supporters were using their hosting services for the spammy campaign.
A successor to the original Botnet named Zeus, Gameover Zeus employed a peer-to-peer network approach to affect its victims. The peer-to-peer design made it harder for security experts and the authorities to catch the perpetrators behind the attack.
The hunt was so intense that the US-based FBI offered a $3 million bounty for one Evgeniy Bogachev, who was the alleged mastermind behind the attack. Bogachev is still at large, and more advanced versions of the Gameover Zeus Botnet have since emerged on the internet.
How can we protect our devices from Botnet attacks?
Botnets are evolving, and with each iteration, it can be challenging to protect your device from a Botnet attack, but there are some tips that should keep your bases covered.
- Install reliable antivirus software and keep it updated.
- Be careful about where you click, open or download on the internet.
- Allow your OS and your software to update automatically, as many developers push out patches immediately when there is a security breach.
- Keep an eye on the process tab on your task manager for any strange or unidentified program.
- Always change your device’s factory default password.
With the increased connectivity features of all our smart devices, attackers have newer ways to exploit our devices for nefarious purposes. We have to be vigilant with them, as our property and personal security are at stake in the world of IoT.