Botnet

Group 3 IT 350

Definitions

Bot Short for robot Refers to an infected computer that takes

orders and reports back (Gassen et all, 2012)

Botnet A network of bots

Botmaster Also referred to botherder The person that controls a botnet (Gassen

et all, 2012) C & C Server

Command and control server used by a botmaster to communicate with bots (Gassen et all, 2012)

Attack Methods

Infections can occur through trojans and worms

Clicking on infected links and opening infected email attachments can cause infections

Vulnerabilities

Keeping all software, including OS, patched and up to date is the best defense

At first attacks were only successful on weak systems

Now malware can join secure computers to botnets

– Many times antivirus software is unaware of the infection

The Extent of the Damage

It is estimated that hundreds of millions of computers are members of botnets (Greengard, 2012)

Most of the time the user is unaware of the infection

These botnets are being used to send spam Also being used to steal identities, credit

card information, and trade secrets (Greengard, 2012)

Attacks are primarily uses to generate income

– Stolen credit card numbers are worth $10-700 on the black market (Gassen et all, 2012)

Attacks may also have a military or political motive (Gassen et all, 2012)

References

Gassen, J, Gerhards-Padilla, E, Martini, P. (2012). Current Botnet

Techniques and � Countermeasures. PIK Praxis der �

Informationsverarbeitung und Kommunikation. Vol 35 Issue 1, p3-

10.

Greengard, Samuel. (2012). The War Against Botnets. Communications

of the ACM. Vol 55 Issue 2, p16-18.