Bots

Bad Bots and Good Bots

A bot is software that performs automatic, repetitive, and predefined tasks. Bots usually mimic or replace human behaviour. Because they are automated, they work much faster than human users. Bots perform useful tasks such as customer service or search engine crawling, but they can also be malicious programs used to take complete control of a computer. Unlike many other cyber threats, bots can be difficult to defend against. Because there are both good and bad bots, it can be difficult for cybersecurity protection to distinguish between them. Bots account for more than 42% of all internet traffic, while bad bots account for 30% of all internet traffic. 

The role of botnets in cyber attacks

Malware bots and internet bots can be programmed to break into user accounts, search for contacts on the internet, send spam or perform other malicious actions. To carry out these attacks and to mask the source of attack traffic, attackers can spread bad bots on a botnet. A botnet is a set of devices connected to the internet, each running one or more bots, often without the knowledge of the device owners. Because each device has its own IP address, botnet traffic comes from multiple IP addresses, making it difficult to identify and block the source of malicious bot traffic. Botnets can often grow themselves by using devices to send spam, which can infect more machines.

Common infection methods for malware bots

One of the most common ways bots infect computers is through downloads. Malware is delivered in downloadable form via social media or email messages asking you to click on a link. The link is often in the form of an image or video, both of which contain viruses and other malware. If your computer is infected with malware, it may be part of a botnet. The bot may also appear as a warning saying that your computer will get a virus if you do not click on the associated link. Clicking on the link will later infect your computer with the malware.

Impact of malware bots on consumers

While malware bots cause problems and issues for organisations, the dangers for consumers include their potential for data and identity theft, storing sensitive information such as passwords, bank details and addresses, and phishing. Malware bots easily go undetected. They are easy to hide on your computer and their filenames and processes are often similar or even identical to normal system files or processes.

Botnets and cybercrime: phishing, identity theft, and financial fraud

Cybercriminals may try to use botnets to send phishing or other scams to trick consumers into giving away their money. They may also collect information from bot-infected machines and use it to steal identities and take out loans or make payments in the user’s name.

Botnets in DoS and DDoS attacks

Criminals can use botnets for DoS and DDoS attacks, flooding legitimate services or networks with crushing traffic. The volume can severely slow down the responsiveness of a company’s service or network, or it can overwhelm and shut down a company’s service or network altogether. Revenue from denial of service attacks comes from extortion (i.e. pay or have your site taken down) or payments made by groups interested in causing damage to your business or network. Such groups include “hacktivists”, i.e. hackers with political agendas, and foreign military and intelligence organisations. Cybercriminals can also rent out their botnets to other criminals who want to spam, scam, phish, steal identities, and attack legitimate websites and networks.