Everyday botnets are growing larger with no end in sight. It’s estimated that one fourth of personal computers connected to the internet are part of a botnet. This is a troubling statistic for anyone concerned with network security.
A botnet is a group of computers all infected with malicious software that allows the controller of the software to remotely manipulate the computers into doing a variety of tasks. These collections of computers usually number around 10,000 to 20,000 PCs but larger botnets consisting of millions are known. The most prevalent botnet is Storm with an estimated 1 to 25 million infected computers.
A user can be infected by a botnet through browser security exploits when visiting a webpage, spam email or by downloading a trojan horse. A popular method of the trojan horse is in keygens for pirated programs, which antivirus programs tend to flag but other users reassure it is due to the illegal nature of the program and not the trojan itself. Other novel new ways of infecting computers are being discovered. Recently researchers from the Stevens Institute of Technology created a UAV* capable of flying around and accessing weakly or unsecured networks. That lack of security could open the floodgate for malcious software to be introduced into it.The botnets are used for a variety of purposes such as DDoS attacks, spamming, traffic monitoring, key logging and phishing. One of the well known phishing attacks, and one I’ve dealt with personally, mimics an antivirus program and “alerts” the user as having many infected files. It then prompts the user into buying the program by entering identity and credit card information.
It’s hard to say if there will be any way to stop the proliferation of the botnet. With state actors beginning to use botnets for cyberwarfare there will be less incentive for governments to stop them. With botnets like Storm having the ability to defend itself from attacks through DDoSing the attacker, they are becoming harder and harder to defeat.