Blog / What are Botnets?
Are they really just a tool for the bad guys?
Computers are complicated. Even the people who work with them all the time don’t know everything. Just look at the different fields in IT; cybersecurity, computer engineering, software development, and on and on. It’s impossible for any one person to understand every last detail. Due to this level of complexity, there is a endless river of new words and terms being invented to describe some new aspect of it all. Sometimes it’s as simple as coining an interesting acronym or even just smushing two words together. With that in mind, the term Botnet, which I brought up in our previous newsletter, is one such word. In fact, after getting some feedback I realized some people don’t know actually understand what they are so this week I thought I’d take a little time and explain.
So what is a botnet?
The term “botnet” comes is a mashup of the words “robot” and “network.” Remember we’re going by the real life definition of a robot here, not the movie one, so in our case a robot is just a device that waits for and acts on whatever instructions it receives. A network (again, in terms of real world computers) is simply a collection of devices that talk to each other. Taken together, a botnet is just a collection of devices that wait for instructions to execute.
Ok, then what do botnets have to do with malware and bad actors?
Well, the specifics are pretty technical, but essential what happens is hackers compromise devices to use of them for whatever it has been setup for. Some can run software, others can generate traffic, and so on. There are plenty of options and it all depends on what the creator built the botnet to do. They also vary greatly in size. Some botnets are only a few dozen machines, while others number in the tens or even hundreds of thousands of devices.
It’s the size of some of these botnets that makes them so powerful. If you control a botnet of 100,000+ computers and can use the individual devices to generate traffic, then you can use the entire botnet to overwhelm just about any website or service on the internet. Other Botnets can be used to mine crypto currency. Having one machine do your bidding is not that big a deal. Having thousands of them, even if they do not individually have a lot of computing power, can be used to great effect. Methbot, for example, was a massive botnet of over 300,000 devices that turned each one into an ad viewer. The bots “watched” video ads to generate money for the botnets controller(s) amounting to millions of dollars a day, and because it watched videos as fast as possible, there wasn’t an enormous impact on CPU usage. Memory use went up depending on how many ads the device was watching at a time, and network usage was very high. The point? Depending on how devices were being used, it was tricky to figure out when something was even wrong.
If you’d like to learn more about botnets or have any other questions about your cybersecurity program, contact one of our experts and get yourself some stress-free IT.
Courtesy your friendly neighbourhood cyberman.