What Are Bots, Botnets, and Zombies?
Computer attacks are always changing, and the technology industry has developed numerous industry terms that may sound similar to the layman’s ears. Terms like bot, botnet, and zombie may all evoke images of mindless hordes, but though related, these are actually distinct terms with specific definitions. In this blog, we’ll review these common cyber threats and how they may impact your organizational security.
What Is a Bot?
“Bot” is short for “robot” and denotes a type of software, application, or code script that can be commanded remotely by the attacker. This web robot effectively gives the attacker control over your device.
How Does a Bot Work?
The goal of a bot is to perform its desired function for as long as possible while avoiding detection. For that reason, the user of an infected machine may not realize their device is being remotely manipulated. Though the user may be unaware, the device could be spamming the user’s entire email contact list with phishing messages that will appear as though they are sent from a legitimate source.
While this bot activity sounds nefarious, a distinction should be made between good bots and bad bots. There are many different types of bots that are each designed to serve different purposes, such as social bots, internet bots, and spambots. Search engine bots function as web crawlers for indexing web pages on the internet to determine search rankings. Alternatively, chatbots are used in customer service settings to improve the user experience and facilitate communication with a human user. Some bots may even leverage artificial intelligence or machine learning to improve their functionality.
For this conversation, however, we will be referring to malware, malicious bots, and the resulting consequences.
What Is a Zombie in Computing?
After a device has been infected by a bot, the infected computer is now referred to as a zombie, because it is being remotely animated by the attacker. The zombie no longer has a will of its own.
What Are Botnets?
One zombie under the control of a bot is useful to an attacker, but zombies become more useful in groups. Attackers will attempt to infect dozens, hundreds, or thousands of computers with the same bot and unify them into a botnet to perform coordinated malicious activities on a large scale. Those activities could include a variety of automated or repetitive tasks targeting the device or software application, such as account takeover attacks, identity theft, credential stuffing attacks, distributed denial-of-service (DDoS) attacks, or other malicious attacks.
How Do Cybercriminals Use Bots, Botnets, and Zombies?
Bots, botnets, and zombies can be used in any number of ways, and many of the attacks to watch out for are social engineering attacks that target human beings. Some of the most popular bot attacks include:
- Using bots to send spam, phishing emails, or smishing through instant messaging on Facebook Messenger or other social media platforms.
- A bot can send personally identifiable information to the attacker, helping them to steal the identity of the device’s owner.
- Performing denial-of-service (DoS) attacks. A DoS attack is when a cybercriminal orders their botnet to flood a website all at once. The bots will repeatedly perform actions on the website, such as filling out webforms, contacting the company, and clicking through pages. The goal of the attack is to overload the resources of the website and cause it to crash.
- Sometimes the botnet is leased out to another cybercriminal who has a specific target in mind.
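From the defender's side, the flood described in the list above appears in web server logs as many different sources hitting one endpoint within a short window. The Python below is an added example of that detection, not code from the original article; the log lines, paths, addresses, and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Common Log Format: ip ident user [timestamp] "METHOD path proto" status bytes
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" \d{3} \S+'
)

def parse(line):
    """Return (ip, epoch_seconds, path) or None for a malformed line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], int(ts.timestamp()), m["path"].split("?")[0]

def find_floods(lines, window_s=10, min_requests=20, min_sources=5):
    """Flag (path, window_start, requests, distinct_sources) where one endpoint
    receives many requests from many different sources inside one window."""
    buckets = defaultdict(list)
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue  # skip malformed lines instead of aborting the scan
        ip, epoch, path = rec
        buckets[(path, epoch - epoch % window_s)].append(ip)
    alerts = []
    for (path, start), ips in sorted(buckets.items()):
        if len(ips) >= min_requests and len(set(ips)) >= min_sources:
            alerts.append((path, start, len(ips), len(set(ips))))
    return alerts

def build_sample():
    """Constructed log: light normal browsing plus a burst on /contact."""
    fmt = '{ip} - - [10/Mar/2024:12:{mm:02d}:{ss:02d} +0000] "{req} HTTP/1.1" 200 512'
    lines = [fmt.format(ip=f"198.51.100.{i % 3 + 1}", mm=0, ss=i * 10,
                        req="GET /index.html") for i in range(6)]
    # 8 sources (documentation address range) each submit the form 4 times in 8 s
    for s in range(8):
        for k in range(4):
            lines.append(fmt.format(ip=f"203.0.113.{s + 10}", mm=1,
                                    ss=(s + k) % 8, req="POST /contact"))
    lines.append("truncated or malformed entry")
    return lines

if __name__ == "__main__":
    for path, start, reqs, srcs in find_floods(build_sample()):
        print(f"possible flood on {path}: {reqs} requests from {srcs} sources at {start}")
```

The thresholds only mean something relative to a site's normal traffic, so they should be set from a baseline of ordinary request volume per endpoint.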
How to Protect Yourself Against Botnet Attacks
Like all security challenges, there is no silver bullet to protect your device against all attempts to infect it with a bot. However, there are some basic strategies that can greatly reduce your risk. These include:
- Do not click on links in unsolicited emails.
- For businesses, a secure anti-fraud solution is essential to combat zombie attacks.
- If an email seems suspicious, it is. Do not click on links, even from friends and family, if they seem fraudulent or suspect.
- Set your anti-virus and anti-spyware software to automatically update as soon as a patch is released. Staying current will eliminate many known vulnerabilities in your system.
- Enroll in multi-factor authentication options whenever possible.
Be sure to follow these strategies at all times and train your employees to do the same. It only takes a single wrong click to infect your device, so vigilance is important.