Botnet attacks are on the rise in a serious way. And whether you know all about them or think they sound vaguely reminiscent of the Terminator movies, they could threaten your business — not just the big global corporations.
Here’s what you need to know about this technology and the latest developments in how cybercriminals are using it to do damage.
What Is a Botnet?
A botnet is a group of compromised computers (and/or other connected electronic devices) that an attacker controls as a unit, using some small amount of processing power on each device to function as a “bot” that can network with other compromised bots to do damage online. Think of it like those armies of synchronized drones that sometimes get used in place of fireworks to create dynamic art in the sky: each drone by itself isn’t very powerful and can’t do much, but a whole army of them can work together to accomplish quite a lot.
Why Are Botnets a Problem?
Essentially because of how flexible they can be and how much power they can amass.
Your smart refrigerator (yes, smart devices like appliances are prime targets for botnets) or a tiny slice of your laptop’s computing power can’t do much alone to perpetrate a cyberattack. But if an attacker has access to thousands of little bits of computing power working together, that’s a different story. Those devices could be used to launch certain types of cyberattacks, like a distributed denial of service (DDoS) attack, where a website or server is overwhelmed with thousands of bogus requests that stop real requests from getting through.
Botnets can also be used to scan the internet at scale or to brute-force computations (a little like crypto mining, except definitely evil instead of just maybe morally dubious).
When scanning, they look for ways (called ports) into websites, servers, and systems that should be protected but aren’t. And when they find an opening, things can get messy.
What’s Happening Right Now That’s Different?
Botnets are always with us, but they’re having a bit of a moment right now.
Security researchers tell us that on any given day there are roughly 10,000 bots that we know of, working as part of various botnets. One set of researchers had been monitoring this tech for a while and had never seen a day with more than 20,000 active bots — until December 2023. That month, numbers jumped into the mid five figures.
And by early January, the researchers were counting more than a million bots at times!
That’s a 100x jump from normal levels, enough to have people worried.
Even more worrisome: no one’s exactly sure what these botnets are (and were) doing.
Sometimes we can see attacks happening and it’s easy to make the connection. But other times botnets are doing…something, and because it isn’t showing up as an active attack, we don’t really know what.
Best guesses are that these spikes were searching for something but didn’t exploit what they found (if they found anything).
Steps You Can Take
So more than a million devices were working together to do unknown bad things last month. That isn’t great news, but even though we aren’t sure of the specifics, we do know there are steps you can take to reduce your risk.
1. Keep all your software and systems up to date: botnets look for openings and vulnerabilities, including ones that are already known. When Microsoft issues security updates, it’s closing those known vulnerabilities. Delaying updates leaves you vulnerable.
2. Work with a trusted cybersecurity partner: it’s unfair to expect your small business to keep up with cybersecurity best practices alone. Instead, work with a partner like us so you can access industry expertise and secure your systems the right way.