Bots & botnets
Norton, an antivirus program developer, defines a bot as a type of malware that allows a hacker/attacker to take control of an affected computer. When talking about botnets, and their ability to disrupt a complete system, this refers to a network of infected devices or machines working together at the command of their “botherder” or “botmaster” to complete a set task.
Are we bot carriers?
In a survey conducted by the Pew Research Center’s Internet American Life Project, 90 percent of adults now own cell phones, indicating a 26 percent growth across the last nine years. According to BullGuard Security, which released the world’s first Internet of Things (IoT) vulnerability checker, “smartphones are mini laptops,” and when a phone is infected with a mobile bot, the malicious program is downloaded to the phone unnoticed and can potentially gain access to files and documents. Malicious software can also take over the operating system, giving the botmaster the ability to do as they please when ready.
Potential attack on the nation’s infrastructure
According to a survey by the Centers of Disease Control (CDC) in 2014, nearly 44 percent of homes have done away with landline phones and have moved to wireless means of communication through the use of smartphones. This move has put areas of the nation’s critical infrastructure at risk to disruption and the American people vulnerable to botnet attacks, as seen through the study done by researchers from Ben Gurion University (BGU).
As the CDC survey indicated, many 911 calls are made from cellular devices. This enticed a group of researchers from BGU to determine what would happen if a mobile botnet were able to initiate a distribute denial of service (DDoS) attack on a 911 emergency system. A DDoS attack would make a machine or network resource unavailable to its intended users. DDoS attacks have increased tremendously over the last year, according to Help Net Security.
— Help Net Security (@helpnetsecurity) September 15, 2016
The researcher’s findings ultimately showed that the emergency services sector would be incapable of completing its mission if an attack of this nature, at the right volume, were to occur. The study outlines the potential of an attack involving 6K bots (roughly $100k in hardware), which could block emergency services in a state for days. The study identified areas of concern that respective organizations, lawmakers, and security professionals need to be aware to develop a means to prevent such a 911-DDoS attack in the future.