Nowadays, ransomware remains one of the greatest internet security threats. Recently, the WannaCryptor attack that affected 350,000 computers attracted millions of views from various internet users and security agents. It almost seemed like the biggest threat we are facing today. However, today’s internet users are faced by a more dangerous vice, and these are botnets!
While ransomware attacks are really painful, they are at least visible. Botnets unleash their disastrous effects in a hidden manner. This malware can take complete control over millions of computers and other devices in a network.
Frank Abagnale, the Semalt Customer Success Manager, tells that FBI has estimated that around 500 million computers are being infected each year. An infected machine is exposed to a whole range of other security threats. For instance, it can be encrypted by ransomware and become a suitable tool for distributing malware of another kind. The cybercriminals can easily instruct the botnet to distribute spam, and the success rate would be almost 100%. All this would happen while the owners of the computers aren’t aware of what’s going on. Some experts have argued that botnets have the potential of paralyzing the internet.
Why botnets should worry you more than ransomware
There are many reasons why botnets pose a greater threat than ransomware. Also, being invisible, the effects of botnets are widespread. They can use an infected computer to send spam and other ransomware to other computers or perform denial of service (DOS) attacks. They could also be used to cheat networks. Everyone should be concerned about this threat, bearing in mind that 50 – 70 percent of email traffic is usually spammed. Among all emails with malicious attachments, 85 percent are linked to ransomware.
The owner of an infected computer faces various aspects of security risks. The criminals can harvest all the information in your emails and social media accounts. Some sell this information while others use it for malicious purposes like stealing from the victim’s bank accounts.
Botnet money-making scheme has changed
Previously, botnet operators mainly depended on spam distribution to make money. Big botnets like the Marina could send more than 90 billion spams per day. But authorities and security operators would soon catch up with big botnets and eventually dismantle the majority of them.
Innovation in the cybercrime world has yielded more resilient botnet models. They are now using the P2P (Peer-to-Peer), model. According to the architecture of P2P models, bots perform both as a server and as a client. They can send and receive commands, and this helps to avoid failures.
Other types of bots, apart from computers, are also being increasingly used. These are servers and devices in the Internet of Things (IoT) category.
Criminals are taking advantage of web servers’ relatively greater power and faster internet to redirect traffic and distribute spam. Devices in the IoT are generally inadequately secured, and this makes them easy prey for botnets. A range of tasks can be carried out using these ‘things,’ including DDOS attacks. In view of the terrific growth of IoT, the increase of bot activity in IoT devices is gravely dangerous. It’s projected that by 2020 the number of devices in the IoT category will reach 20.8 million.
There’s a possibility that more computers, servers, and ‘things’ will be enslaved by botnets if consumers and organizations don’t stay updated on the appropriate defense tools and mechanisms. To avoid falling victim of botnets, security training is the key. When people are aware of the threat, the implementation of endpoint and network security tools and solutions will yield more success. Internet security solutions vendors are now offering botnet protection that helps to detect suspicious communications of bot operators.