Want to steal data? Then send out a bot. These little devils have become the scourge of our online lives.
Cybercriminals distribute malicious software (malware) that turns your computer into a bot (robot), which they then use to carry out tasks over the internet without you knowing. Lots of infected computers form a network, or botnet. Botnets have given hackers and cybercriminals the ability to send out millions and millions of spam emails and launch massive Distributed Denial of Service (DDoS) attacks.
The 2015 Online Trust Audit & Honor Report was recently issued in the US. This is an annual audit which tests the security vulnerabilities of nearly 1,000 sites. Those tested included leading banks, retailers, social, media, government and internet of things sites. The report found that social media websites were the worst with what was described as a “dismal” 66 per cent pass rate against a simple bot test, while over 30 per cent of the top 50 media websites were also not able to detect and block the most basic bot.
Botnets can be used for anything from stealing intellectual property to financial fraud. Earlier this year, gamers downloading from Steam were told to beware of fake pages hiding destructive malware, and last year Federal agents in the US claimed to bring down the world’s worst botnet, Gameover Zeus, which stole $100 million from bank accounts by infecting hundreds of thousands of computers.
And it’s not just through email and text that damage can be done. Malware called Stegoloader uses digital steganography – the art of hiding information in a digital image – to carry out its work by hiding a core component of the malware within a portable network graphic (PNG) hosted on a legitimate site.
Depending on the severity of a bot attack, it can also cause serious reputational damage. So how in the name of Storm, Kraken and Mariposa (some of the names given to the worst perpetrators) can you stop a bot?
Given that most bot infections occur through only two main vectors (infected files or infected websites) there are a few steps you can take to avoid infection:
- Invest in commercial anti-virus and real-time anti-spyware protection and keep it up-to-date.
- Schedule scans – daily is best!
- Disable autorun. Stick an external device into your PC with autorun enabled and you’ve effectively let a vampire through your door.
- Switch off email preview or the Preview Pane in Outlook or any similarly capable mail application.
- Think before you click on that link or email attachment even if it is from someone you know. Check the content matches your expectation from that person.
- Keep your browser up to date and secure. It’s your gateway to the internet. Block pop-ups, adware and any of the other nasties.
- Get a hardware firewall. A normal non-MI5 level firewall policy can often block the types of traffic across which botnets propagate as well as protecting you from the regular malicious traffic coming from the internet.
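
For the "Disable autorun" step above, this added PowerShell example (not from the original article) reads the Windows `NoDriveTypeAutoRun` policy value and lists the drive types for which AutoRun is still switched on. The function names are hypothetical; the registry path, value name and bit meanings are the standard Windows ones.

```powershell
# Added example: audit the AutoRun policy on a Windows PC.
# NoDriveTypeAutoRun is a bitmask: a SET bit DISABLES AutoRun for that drive type.
$DriveTypeBits = [ordered]@{
    'Unknown drive types' = 0x01
    'Removable drives'    = 0x04
    'Fixed drives'        = 0x08
    'Network drives'      = 0x10
    'CD-ROM drives'       = 0x20
    'RAM disks'           = 0x40
    'Reserved types'      = 0x80
}
$PolicyPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)

function Get-AutoRunExposure {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$Path)
    $prop = Get-ItemProperty -Path $Path -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
    if ($null -eq $prop) {
        # Value absent: no policy is enforced here, so the OS default applies.
        return [pscustomobject]@{ Path = $Path; Value = 'not set'; StillEnabled = 'OS default applies' }
    }
    # The value may be stored as REG_DWORD or as REG_BINARY; handle both.
    $raw  = $prop.NoDriveTypeAutoRun
    $mask = if ($raw -is [byte[]]) { [int]$raw[0] } else { [int]$raw }
    $enabled = $DriveTypeBits.GetEnumerator() |
        Where-Object { -not ($mask -band $_.Value) } |
        ForEach-Object { $_.Key }
    [pscustomobject]@{
        Path         = $Path
        Value        = '0x{0:X2}' -f $mask
        StillEnabled = if ($enabled) { $enabled -join ', ' } else { 'none' }
    }
}

function Disable-AutoRunAllDrives {   # hypothetical helper name; run elevated
    $path = $PolicyPaths[0]
    # Create the key only if it is missing: New-Item -Force on an existing
    # registry key would wipe the values already stored in it.
    if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
    Set-ItemProperty -Path $path -Name NoDriveTypeAutoRun -Type DWord -Value 0xFF
}

# Report the current state for the machine-wide and per-user policy keys.
$PolicyPaths | ForEach-Object { Get-AutoRunExposure -Path $_ } | Format-List
```

A `StillEnabled` result of `none` (value `0xFF`) means AutoRun is off for every drive type; anything listing `Removable drives` leaves the USB-stick route open.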
Above all it’s important to educate your staff. A bot can put the fear of Lucifer into you but with careful monitoring of your networks for unusual activity and strong information security and user policies, the threat of infection can be minimised.