What are botnets, and how do you protect against them?

Lexie

Hi, I'm Lexie! I write about information security, Bitcoin, and privacy.


Botnets are large networks of hijacked devices (robots) that can be remotely controlled by their creator.

Mainly run for profit by criminal organizations, botnets can be used, for example, to mine cryptocurrencies like Monero, or to use the hijacked devices' bandwidth to slow down websites in a denial-of-service attack.

Who is at risk from botnets?

The primary victims of botnets are outdated computers humming away in forgotten corners of business parks and schools, as well as poorly secured Internet of Things (IoT) devices.

When a computer no longer receives updates but is still connected to the internet, it becomes increasingly vulnerable as more and more security vulnerabilities are discovered and left unpatched. These vulnerabilities might allow somebody to seize control of the machine remotely and command it to perform any task, as if it were their own server.

Any computer or device that is unused for long periods could be consuming a lot of bandwidth or processing power, or otherwise behaving oddly, without the owner’s knowledge. Similarly, devices that run in the background (like surveillance cameras, smart fridges, or thermostats) might have security flaws that go unnoticed.

Botnets and the Internet of Things

IoT devices often come with weak passwords and login credentials by default. Poor security practices at manufacturers and strong pressure for cheaper devices have exacerbated this.

It is unclear just how unprotected people’s homes might be. One idea to find out, brought forward by the Japanese government, is to allow the authorities to use default login passwords to “hack” into unattended devices and survey their prevalence and potential harm.

Another idea, going even further, is to hack into vulnerable devices to either secure them from the inside or brick them to make them useless.

The idea of law enforcement accessing people’s private digital property is a controversial one, but not all proposals are alike. An argument can be made that leaving your devices in their default, insecure state is like leaving them unlocked.

To use a real-world comparison: Would it be permissible for the police to walk around a parking lot checking for unlocked cars? Would it be acceptable if these officers were also to lock the doors of unsecured vehicles to limit the risk of theft to their owners?

How to prevent botnet attacks on your devices

Whatever devices you may have, you should always change their default passwords and check what options you might have to secure them. Ideally, your devices aren’t reachable from the open internet at all.

In the long run, however, only manufacturers can build devices that are secure by default, and consumers should demand better privacy and security.
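
The two checks above (default passwords changed, devices not reachable from the open internet), as an added example that is not part of the original article: a short Python audit over a device inventory and a router port-forward export. The inventory, the export format, the addresses, and the severity labels are all constructed assumptions for illustration.

```python
MGMT_PORTS = {22: "ssh", 23: "telnet", 80: "http", 443: "https"}

# Constructed inventory: name -> (LAN address, default password changed?)
INVENTORY = {
    "camera-porch": ("192.168.1.20", False),
    "thermostat": ("192.168.1.21", False),
    "nas": ("192.168.1.30", True),
}

# Constructed router export, one rule per line: "proto wan_port -> lan_ip:lan_port"
PORT_FORWARDS = """
tcp 8080 -> 192.168.1.20:80
tcp 2323 -> 192.168.1.20:23
tcp 8443 -> 192.168.1.30:443
tcp 9000 -> 192.168.1.77:9000
"""

def parse_forwards(text):
    """Return a list of (proto, wan_port, lan_ip, lan_port) tuples."""
    rules = []
    for line in filter(None, map(str.strip, text.splitlines())):
        left, right = line.split("->")
        proto, wan_port = left.split()
        lan_ip, lan_port = right.strip().rsplit(":", 1)
        rules.append((proto, int(wan_port), lan_ip, int(lan_port)))
    return rules

def audit(inventory, forwards_text):
    """Return {device: (severity, reason)}; the severity scale is this example's own."""
    exposed = {}
    for _, _, lan_ip, lan_port in parse_forwards(forwards_text):
        exposed.setdefault(lan_ip, []).append(lan_port)
    findings = {}
    for name, (ip, changed) in inventory.items():
        ports = exposed.pop(ip, [])
        mgmt = sorted(MGMT_PORTS[p] for p in ports if p in MGMT_PORTS)
        if not changed and ports:
            findings[name] = ("critical", "default password and reachable from the internet")
        elif not changed:
            findings[name] = ("high", "default password still set")
        elif mgmt:
            findings[name] = ("medium", "management interface forwarded: " + ", ".join(mgmt))
    # Rules left over point at addresses missing from the inventory: forgotten devices.
    for ip in exposed:
        findings[f"unknown {ip}"] = ("medium", "port forward to a device not in the inventory")
    return findings

if __name__ == "__main__":
    print(*audit(INVENTORY, PORT_FORWARDS).items(), sep="\n")
```

The last finding type matters most for the unused machines described earlier: a forward that points at an address nobody has listed is a device that is still online but no longer looked after.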
