A “botnet” (short for “robot network”) is a set of coordinated viruses or malware existing on many different computers, generally unbeknownst to the computer owners, that can then be used for mass nefarious actions.
For example, let’s say I want to send spam e-mails to as many people as possible. There are various ways I can purchase or otherwise obtain lists of active e-mail addresses, but another approach I can take is to try to infect as many computers as I can with bots that will then harvest all the e-mail addresses in all the address books on these computers, and send the spam e-mail to all of them. Not only will I get my e-mail broad distribution, but a lot more of those e-mails will be opened rather than automatically relegated to a junk mail folder, since they will appear to be coming from someone known to the recipient.
Or let’s say you get some tiny amount of revenue from an advertiser every time someone clicks a certain banner ad on your website. What if you could get thousands or millions of computers to all go to your website and click on that ad?
Botnets can also provide the means for denial of service attacks. Here’s a real-world example: A lot of legal sports bookmaking companies around the world (in the Caribbean, in Central America, in Australia, etc.) now do the overwhelming majority of their business online rather than by phone. A few years ago, a Russian organized crime group planted bots on computers all over the world, and then had them all log on to certain bookmakers’ websites simultaneously. The volume was far too much for the websites to handle, effectively shutting them down for hours at a time. Infuriated customers were unable to access their accounts and make their intended wagers, leading them to curse these companies and their “unreliable” websites.
Soon the messages came to the sportsbooks: “Pay us, or next time we’ll do it the day of the Super Bowl, or the last day of the World Cup, or the day of the Kentucky Derby. And by then we’ll have a lot more computers to attack from.”
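Seen from the defender's side, the flood described above shows up in a web server's access log as a sudden jump in the number of distinct client addresses requesting the same page. The following Python is an added example, not part of the original article; the Common Log Format input, the `/login` path, the thresholds and the sample log lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Common Log Format: client, timestamp, request line (other fields ignored).
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)')

def sources_per_minute(lines, path="/login"):
    """Map each minute to the set of distinct client IPs requesting `path`."""
    buckets = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m.group(4) != path:
            continue  # skip unparseable lines and other URLs
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        buckets[ts.replace(second=0)].add(m.group(1))
    return buckets

def flag_floods(lines, factor=5, min_sources=20):
    """Return (minute, distinct_sources) for minutes where the number of
    distinct clients exceeds `factor` times the median minute and an
    absolute floor. Both thresholds are assumed values to tune per site."""
    buckets = sources_per_minute(lines)
    if not buckets:
        return []
    baseline = median(len(ips) for ips in buckets.values())
    return [(minute.strftime("%H:%M"), len(ips))
            for minute, ips in sorted(buckets.items())
            if len(ips) >= min_sources and len(ips) > factor * baseline]

def sample_log():
    """Constructed sample: five quiet minutes, then one minute in which 60
    distinct addresses (documentation ranges) all request the login page."""
    fmt = '{ip} - - [01/Jan/2024:18:{m:02d}:{s:02d} +0000] "GET /login HTTP/1.1" 200 512'
    lines = [fmt.format(ip=f"192.0.2.{c}", m=m, s=c * 7)
             for m in range(5) for c in range(1, 4 + m % 2)]
    lines += [fmt.format(ip=f"203.0.113.{c}", m=5, s=c % 60) for c in range(1, 61)]
    lines.append("corrupt line that the parser must skip")
    return lines

if __name__ == "__main__":
    for minute, count in flag_floods(sample_log()):
        print(f"{minute}: {count} distinct clients on /login")
```

Counting distinct sources rather than raw requests matters here because a botnet spreads its traffic across many computers, so no single address needs to look unusual.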
How are botnets established in the first place? The same way viruses and any of that nasty stuff infect computers. All kinds of things, good and bad, are constantly being transmitted to and from computers all over the world that are connected to the Internet. The people trying to set up botnets probe for any openings they can find to transmit their malicious software.
Thus the way you guard against your computer becoming part of a botnet is to defend as best you can against these intrusions:
1. Have up-to-date anti-virus, anti-spyware, and firewall software installed on your computer.
2. Keep your operating system up to date. Many of the updates for Windows are patches that correct vulnerabilities that have been discovered.
3. Keep all other software up to date. Again, often the updates and improvements are responses to the threats that have developed since the last update.
Basically the bad guys keep evolving new methods and the good guys keep evolving countermeasures. If you’re keeping everything on your computer up to date, then you always have the best defenses the good guys have come up with so far. If Microsoft sees that there’s something in their code allowing malicious access to people using their Windows operating system, they send out a patch to change that code and block that hole. If your anti-virus company discovers a new threat, they make sure to update their software to be able to spot and delete it. But it doesn’t matter how well Microsoft and your anti-virus company and others are staying on top of things and sending out these countermeasures if you never accept them and just continue on your merry way with all your software as it was when you bought it.
4. Be very cautious about downloading things you find online, or opening attachments you receive via e-mail. Make sure you know and trust the source. When in doubt, don’t risk it.
5. Turn off your computer or disconnect from the Internet when you have no reason to be online.
6. Be aware of clues that your computer is infected. One such clue is if your computer is running noticeably sluggishly. Many things can cause this, but one is that your computer is using a lot of resources following the instructions of a bot. Another pretty definitive clue is if people complain to you that they’ve received spam-type e-mail from your return address.
If you do have reason to believe you’re infected, use your anti-virus resources to identify and remove any malware on your computer.
7. Consider switching to a Mac. Macs are built to be a little bit better at defending against being exploited by malware. But perhaps more importantly, when people establish botnets, or create other malware, they try to get the most bang for their buck by attacking whatever operating system is most widespread amongst computers connected to the Internet, and nowhere near as many computers are Macs as PCs.
Think of it this way: If you were a biological terrorist trying to kill as many people as possible, and you could either release into the water system a bacterium that will devastate people of the most common blood type and have no effect on anyone else, or a bacterium that will devastate people of a rare blood type and have no effect on anyone else, which would you choose?
So it’s good to be a non-conformist; you’re less likely to be attacked.
When you defend against becoming part of a botnet, in a small way you’re protecting yourself, but even more so you’re being a responsible computer owner and not allowing your computer to be used to harm others.