What is a Botnet Attack and How Do You Stop It?

Hackers have many different tools at their disposal to access your computer. Some of these tools, such as a botnet attack, can even take control of your machine! When a hacker controls your PC, your computer becomes part of a network made up of other compromised devices that they control. This compromised network is known as a botnet, and you don’t want to be part of it!

What makes a botnet network unique is that it’s often made up of a variety of different Internet-connected devices from all over the world. A typical botnet network is more than just compromised workstations and smartphones, although these technologies certainly make up the majority of the compromised devices. Basically, anything that connects to the Internet can be controlled by a hacker and incorporated into their botnet network.

This makes botnet attacks especially dangerous in the coming years as the “Internet of things” expands exponentially. The Internet of things refers to the vast number of devices that are constantly being added to the Internet. Many of these devices are pieces of equipment that one would never have expected to be Internet-enabled, like cars and home appliances. The majority of new Internet-connected devices are small gadgets that have a single purpose, like gathering valuable data and using the Internet to feed the collected information into a database in real time. This includes devices such as security cameras, fitness trackers, temperature gauges, and media players. Many businesses employ these small Internet-connected devices for analytics purposes, so much so that IDC projects the total number of things connected to the Internet will be 212 billion by the end of 2020.

Botnet attacks will indiscriminately go after all of these different devices connected to the Internet and find success with a variety of them. Therefore, a hacker with their own botnet network may potentially have thousands of devices at their disposal and under their control. A hacker’s control may be over just a few functions of a device, or it may extend to controlling the device entirely.

Due to the cobbled-together nature of a botnet network, botnet attacks are often likened to a zombie virus. Just as a hacker’s compromised network often consists of random devices that they have some control over, a zombie horde consists of people of all different shapes and sizes with limited movement; and, just as a zombie horde is dangerous with one goal in mind (BRAINS!), a hacker’s botnet network can do some serious damage when they direct everything they control at one attack (known as a distributed denial of service attack, or DDoS).

How do you know if your computer or Internet-connected device has been breached by a botnet attack and is now under the control of a hacker? It can be very difficult to tell if you’ve been compromised, because many successful botnet viruses embed themselves in a system and just sit there dormant, waiting to receive a command from their creator over the Internet to do something (like a spiral-eyed “your wish is my command” situation). Therefore, it’s good to stay vigilant with virus scans that look specifically for the latest botnet infections, instead of waiting to take care of a botnet attack only after you notice symptoms.

The way to remove your device from a botnet network is to interrupt communications to the hacker’s command-and-control server. This can be achieved by simply disconnecting the device from the Internet. However, once the device is reconnected to the Internet, it will send a signal to its hacker commander, telling them that it’s ready to resume its task. This is why it’s so important to remove the botnet code entirely: the hacker can find their target from anywhere over the Internet, even if the IP address changes.

Protecting your business from botnet attacks requires a strong firewall and an up-to-date virus protection solution. You likely have this kind of protection for your company’s workstations. You will also want to make sure that this level of protection extends to everything that connects to your network, like mobile devices, kitchen appliances, wearable technology, and even basic data-collecting devices that your business may be taking advantage of. To equip your business with a comprehensive security solution that will stop the attacks from mindless bots, give Protek a call at 801.999.4767.