Word of the Week: Botnet

Botnets are in the news again / still. They’re a huge problem that could get bigger.

As with many tech stories, I’m sure there are some who say, “Yeah, it’s probably important, but it’s all geek to me.”

With that in mind – a definition and some context.

A Botnet is a number of Internet connected devices, each of which is running code that was placed there by an attacker. This code is called a Bot. And when Bots are controlled together, it’s called a Botnet (Robot + Network = Botnet).

Why are Mirai and other Botnets like Reaper making the news lately? Because Botnets are still dangerous, and they’re getting much easier for bad guys to deploy and control.

Mirai was released in 2016. At that time, it took down a large portion of the US Internet. And it was launched using primarily devices like routers, cameras, and other IoT devices.

Simplistically, the devices that were under Mirai control all communicated with a central control server, and when activated, the amount of traffic they generated overwhelmed many Internet sites.

This type of attack is called a DDoS attack (Distributed Denial of Service).

After the attack, and to make matters worse, the Mirai creator (pseudonym of “Anna-Senpai”) released the source code on hacker forums.

Now others who want to launch similar attacks can use the – very successful – source code, put their own spin on it, and create potential havoc.

Most big security companies (Cisco, Arbor, Radware, Check Point, others) have good solutions that stop many attacks, but it still doesn’t mean that 100% of the net is protected.

As this article from Ars Technica shows (warning: Technical language), a Mirai strain hit again this past week. The hits keep on coming.

“OK, great,” you say. “So why write about it on a personal / family / small business site?”

Thanks for asking. Here’s why:

  1. Please don’t buy every internet connect device you see. Not everything has to be connected to the Net yet. If you do purchase an IoT device, do some research and see if the company you’re purchasing from has a patch or update policy, security policies, etc.
  2. If you’re a business, you should definitely consider either buying a DDoS solution, or working with Solution Provider who can do DDoS as a service. I know it’s an expense, but it’s one of those times to ask if it’s more expensive to buy into a solution or be offline.
  3. Knowledge is power.

Thanks for reading. Stay Botnet free.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s