Botnets are networks of computers infected by malware (malicious software) and controlled remotely by cybercriminals, usually for financial gain or to launch attacks on website or networks. Botnets may infect and use laptops, desktops, servers, routers, smartphones, or any other network equipment to conduct malicious activity.
The illustration below shows how a botnet works (via Microsoft):
All computers connected to the Internet are susceptible to malware infections. If a computer becomes part of a botnet, it may wait for instructions from the “command and control” (also sometimes known as “C2” or “C&C”) computers without the owner’s knowledge. Cybercriminals like botnets because botnets give the criminal control of thousands of computers at once, and they help to hide the cybercriminal’s identity.
What does a bot do to your computer?
When your computer is infected, it turns into a “bot” (short for “robot”) or zombie. How your computer acts when infected is dependent on what the cybercriminals are trying to accomplish. Many botnets are designed to harvest data, such as passwords, social security numbers, credit card numbers, addresses, telephone numbers, and other personal information. The data is then used for nefarious purposes, such as identity theft, credit card fraud, spamming, and malware distribution. Bots can also be used to send spam or launch attacks on websites and networks, which as are sometimes referred to as Distributed Denial of Service Attacks or DDoS. Some bots will try thousands of times per hour and effectively slow your computer down, so finding those bots and stopping them is very important to your computer’s health.
What does a bot do to public networks?
Bots are particularly troublesome for public network operators such as hotels, coffee shops, and other venues. By nature, public networks typically have hundreds of new devices connecting daily. Many of these devices are infected with malware. A single infected device on a public network can use up a significant amount of bandwidth and infect other devices. Many Internet service providers (ISPs) have resorted to turn off the incoming Internet connection at public venues to prevent botnets from communicating, only turning them back on if a service like Botnet Blocker is in place.
For more information about botnets, visit http://stopthinkconnect.org/campaigns/details/?id=209.