Voice of the Jaabc Editors

Botnet Cybercrimes: The Creeping Threat to Computers

The cyber world has already acknowledged the great contributions of the computer/Internet duo to the 21st century. By virtue of this venerable duo, business as well as society have come to operate very efficiently in their respective areas. Like most technologies, though, the computer/Internet duo has also made computer users susceptible to unscrupulous individuals who expose our business and social fabrics to the threat of being stealthily manipulated for cybercrimes without our knowledge. A case in point is the emerging botnet.

 

Botnets are networks of private computers infected with malicious software and controlled as a group without the computer owners' knowledge. Any such controlled (or enslaved) computer is referred to as a computer "robot" or "bot" that serves the wishes of some master spam or virus originator.

 

The relentless push to add connectivity to home gadgets is creating dangerous side effects that are destined to get even worse. A botnet (AKA a zombie army) is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam messages or paralyzing viruses) to other computers on the Internet.

 

In terms of age, the clandestine botnets have been in existence for a dozen years, but now the secrets are out. As early as 2000, hackers were breaking into computers over the Internet and controlling them as a group from centralized systems. Among other things, the hackers used the combined computing power of these botnets to launch distributed denial-of-service attacks, which flood websites with traffic to take them down and to immobilize their intended functions.

 

Denial-of-service attacks have debilitating, if not crippling, effects on business. A brief definition of the term will disclose its threat. In computing, a denial-of-service attack (DoS attack) is a cyber-attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.

 

Presently, the problem is getting worse due to a flood of cheap webcams, digital video recorders, and other gadgets in the Internet of (related) things. Because these devices typically have little or no security, hackers can take them over, or rather enslave them, with little effort. As a result, it is easier than ever to build huge networks of botnets that take down much more than one site at a time.

 

In 2016, a botnet made up of 100,000 compromised gadgets threw an Internet infrastructure provider partially offline. Taking down that provider, Dyn (a company), resulted in a cascade of effects that ultimately caused a long list of high-profile websites, including Twitter and Netflix, to temporarily disappear from the Internet. More attacks are sure to follow: the botnet that attacked Dyn was created with publicly available malware called Mirai that largely automates the process of co-opting computers.

 

Botnets are used to commit click fraud, as well. Click fraud is a scheme to fool advertisers into thinking that people are clicking on, or viewing, their ads. There are lots of ways to commit click fraud, but the easiest is probably for the attacker to embed a Google ad in a Web page he owns. Google ads pay a site owner according to the number of people who click on them. The attacker instructs all the computers on his botnet to repeatedly visit the Web page and click on the advertisement. Dot means profit! If the botnet makers figure out more effective ways to siphon revenue from big companies online, we could see the whole advertising model of the Internet crumble.

 

Similarly, botnets can be used to evade spam filters, which work partly by knowing which computers are sending millions of e-mails. They can speed up password guessing to break into online accounts, mine Bitcoins, and do anything else that requires a large network of computers. This is why botnets are big businesses. Criminal organizations rent time on them. BTW, a Bitcoin is a digital currency (also called crypto-currency) that is not backed by any country's central bank or government. Bitcoins can be traded for goods or services with vendors who accept Bitcoins as payment.

 

The botnet activities that most often make headlines are denial-of-service attacks. The Dyn company seems to have been the victim of some angry hackers, but more financially motivated groups use these attacks as a form of extortion. Political groups use them to silence websites they hate. Such attacks will certainly be a tactic in any future cyberwar.

 

The threat of rising botnet cybercrime is becoming ominous. The best defense would be for everything online to run only secure software, so that botnets could not be created in the first place. This will not materialize anytime soon, however. Internet of things devices are not designed with security in mind and often have no way of being patched. The things that have become part of Mirai botnets, for example, will be vulnerable until their owners throw them away. Mirai (Japanese for "the future") is malware that turns computer systems running Linux into remotely controlled "bots" that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer devices such as remote cameras and home routers.

 

It has been forecast that botnets will get larger and more powerful simply because the number of vulnerable devices will continue to proliferate over the next few years. Consequently, we should all be aware and wary of the specter of creeping effects of botnets in the landscape of our computer environment.

 

 

Z. S. Demirdjian, Ph.D.

Senior Review Editor

California State University, Long Beach