What Is a Botnet and How Does a Botnet Work?


What is a Botnet?

How Many Bots Make a Botnet?

Why Are Botnets Created?

  • Credential theft
  • Click fraud and adware
  • Email spamming
  • Phishing attacks
  • Ransomware
  • DDoS attacks
  • State-sponsored disruptions
  • Bitcoin mining

How Do Botnets Work?

  • Traditional Client-Server Approach: This is a centralized system in which the bot herder sends commands to the bots from a Command-and-Control (C&C) server. The bots stay dormant until they receive commands from the C&C server. Because that single server is a single point of failure (taking it down disrupts the whole botnet), this approach is seldom used by attackers today.
  • Peer-to-Peer Network Approach: This is a decentralized system in which any infected device can act as both a client and a command center. Each bot is connected to only a limited number of other devices, and P2P file sharing is used to distribute malware updates. Overall, these networks are harder to track and more difficult to mitigate.
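The two topologies leave different footprints in outbound connection logs, which is what a defender can act on. The following is an added example for this article, not code from any product or project: it parses a constructed set of connection records (the layout `<ISO timestamp> <src> <dst> <bytes>` is an assumption, not any real firewall's format), flags hosts that poll the same destination at a near-constant interval (the "dormant until commanded" pattern of a bot checking a centralized C&C server), and flags hosts that contact unusually many distinct peers (the fan-out that P2P C&C produces). The thresholds `min_events`, `max_cv` and `min_peers` are illustrative defaults, not tuned values.

```python
"""Network-side checks for the two C&C topologies described above.

Added example for this article; the log lines are constructed and the record
layout "<ISO timestamp> <src> <dst> <bytes>" is an assumption.
"""
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample: 10.0.0.5 polls one address every ~5 minutes (beaconing),
# 10.0.0.12 talks to six distinct peers (fan-out), 10.0.0.9 is ordinary traffic.
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.5 203.0.113.7 412
2024-05-01T10:00:12 10.0.0.9 198.51.100.20 9031
2024-05-01T10:02:10 10.0.0.12 192.0.2.10 300
2024-05-01T10:03:15 10.0.0.12 192.0.2.11 310
2024-05-01T10:05:01 10.0.0.5 203.0.113.7 410
2024-05-01T10:06:40 10.0.0.12 192.0.2.12 305
2024-05-01T10:07:44 10.0.0.9 198.51.100.44 1532
2024-05-01T10:08:02 10.0.0.12 192.0.2.13 299
2024-05-01T10:10:00 10.0.0.5 203.0.113.7 415
2024-05-01T10:11:30 10.0.0.9 198.51.100.20 220
2024-05-01T10:12:55 10.0.0.12 192.0.2.14 301
2024-05-01T10:15:02 10.0.0.5 203.0.113.7 411
2024-05-01T10:18:20 10.0.0.12 192.0.2.15 304
2024-05-01T10:20:00 10.0.0.5 203.0.113.7 409
2024-05-01T10:25:01 10.0.0.5 203.0.113.7 413
"""


def parse_log(text):
    """Group connection times by (src, dst). Returns {(src, dst): [datetime, ...]} sorted by time."""
    flows = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, _bytes = line.split()
        flows[(src, dst)].append(datetime.fromisoformat(ts))
    for times in flows.values():
        times.sort()
    return flows


def find_beacons(flows, min_events=5, max_cv=0.05):
    """Centralized C&C: a dormant bot checks one server at a near-fixed interval.

    Flags (src, dst) pairs with at least min_events connections whose
    inter-connection gaps are very regular: coefficient of variation
    (population stdev / mean) at or below max_cv. Human-driven traffic
    rarely keeps that regularity over several events.
    """
    hits = []
    for (src, dst), times in flows.items():
        if len(times) < min_events:
            continue
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            hits.append({"src": src, "dst": dst, "events": len(times),
                         "mean_interval": avg, "cv": cv})
    return sorted(hits, key=lambda h: h["cv"])


def find_high_fanout(flows, min_peers=5):
    """P2P C&C: every bot keeps a small set of peers, so an internal host that
    contacts many distinct external addresses stands out.
    Returns {src: distinct_peer_count} for hosts at or above min_peers."""
    peers = defaultdict(set)
    for (src, dst) in flows:
        peers[src].add(dst)
    return {src: len(p) for src, p in peers.items() if len(p) >= min_peers}


if __name__ == "__main__":
    flows = parse_log(SAMPLE_LOG)
    for h in find_beacons(flows):
        print(f"beacon: {h['src']} -> {h['dst']} every ~{h['mean_interval']:.0f}s "
              f"({h['events']} events, cv={h['cv']:.3f})")
    for src, n in find_high_fanout(flows).items():
        print(f"high fan-out: {src} contacted {n} distinct hosts")
```

Both checks are heuristics: legitimate software updaters and monitoring agents also beacon, and a mail relay or proxy will always show high fan-out, so in practice results are compared against a baseline of known-good destinations rather than alerted on directly.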

How to Disable an Existing Botnet?

  • The command servers must be shut down to stop the zombie network. This is easier with the traditional centralized approach, but difficult to achieve against the more sophisticated P2P networks.
  • In P2P approaches, the malware must be identified and removed from the infected devices themselves. Replicating the botnet's P2P communication methods is another way to disable the bot network.
  • Individual devices may be reformatted or factory reset, restored from a clean backup, or cleaned using other procedures recommended by the manufacturer or the system administrator to eliminate an infection.

Conclusion: How to Protect Devices from Becoming Part of a Botnet?

  • Creating strong passwords
  • Periodically wiping and restoring the system
  • Granting third-party code execution permissions only to trusted, whitelisted entities
  • Regularly updating and backing up devices
  • Using effective firewalls or WAFs to filter traffic and monitor activity, especially to prevent DDoS attacks
