Has your computer or smart phone become a resource to commit malicious acts against other persons and companies? By taking advantage of a wide variety of computer vulnerabilities, your device may become a zombie that is under the control of a criminal that conducts crime using electronic devices (e-criminal). Once an e-criminal has control, not only is your device being used to attack other systems, anything stored on, or typed into, that device is also compromised.
How Bots Work
Devices that are connected to networks such as personal computers, servers, and smart phones (PDAs) process information and connect to other devices through a wide variety of program code. As computing devices and networks continue to evolve, vulnerabilities in this code create opportunities for criminals to install malicious software (malware). This causes the device to function abnormally.
In the past the malware focused on causing harm to the device such as making it crash or capturing keystrokes for the purpose of gaining access to bank accounts or credit card information. As e-criminals continue to evolve their destructive goals and increase damage to their targets, they realized the need for substantial computing resources and a way to avoid being detected. To achieve both of these goals, malware was developed enabling e-criminals to take over network-attached devices; a very cost effective solution!
The process is fairly simple:
- A consumer or company connects a device to the Internet.
- e-Criminals use automated tools to scan the Internet for devices with vulnerabilities.
- Vulnerable devices are identified and automated tools are used to download malware to those devices turning it into a bot (a device that is under the control of an e-criminal or their automated tools).
- Bots are instructed to perform malicious acts, such as a distributed denial-of-service attack, phishing, click fraud, pay per click fraud, on the e-criminal’s targets. Another popular use of bots is to send Spam mail such as those that target consumers to send money or account information to e-criminals disguising themselves as official business entities or persons in desperate need.
Each compromised computer is referred to as a “bot” which is an abbreviation for “robot”. Multiple bots connected to the Internet are referred to as a “botnet” (a network of robots). Bots are also referred to as “zombies”.
Bot Prevention and Detection
Prevention
The best defense against malware is a reputable Internet security suite, not just virus detection, on all devices that will be used to connect to the Internet. But having the software installed will do no good if it does not receive updates upon release and if devices are not scanned for malicious code at least once per week. It is important to understand malware detection software can only protect against malicious code that has been identified and an antidote written for. This means that there is a brief period in which all devices are vulnerable and the only way to identify and eliminate malicious code is through a scan. Malware detection and prevention software can be set to perform scans automatically or the user can manually instruct the product to perform a scan of the device.
Some Internet security tips to keep in mind:
- Scans are a key to keeping your equipment free of malicious code.
- Keep all software updated. Ensure that your computer is set to automatically download updates.
- Before you connect to a network verify that your Internet security/virus detection software is running.
- Thumb drives, CDs, DVDs can all contain malicious code that would create a weakness in the computer and allow it to become a bot – make sure you have credible virus detection software that automatically scans these media.
Detection
The most common symptoms of a device becoming a bot include:
- The device running sluggish
- Unusual activity at startup
- Internet security or virus detection software disabled,
- You get e-mails from auto responders that the recipient is not on line or on vacation, but you do not know the recipient
- Number of tasks running on the computer exceeds what should be running, and
- The device running at or near capacity.
While these are symptoms of a device becoming a bot, each symptom may also be related to other device maintenance or operating problems. Proper diagnostics are required.
To help ensure proper detection of malware, and to minimize potential effects, make the following steps part of your Internet surfing routine:
- Observe your device during the startup and shut down processes – become familiar with the messages that are displayed.
- Install and properly use reputable malware detection software.
- Take note if the device is constantly running – such as even when you are not interacting with the device.
Prevention is key. Once a device has become a bot, personal information may be compromised, the device may be damaged, and it may require an expert and investment to remove all access doors installed by the e-criminal.
by Sharon K. O’Bryan for Privacy Rights Clearinghouse