Botnets and Tips to Prevent Botnet Attacks

in Security

Recently Trustwave’s SpiderLabs revealed some shocking cyber crime stats. According to the report, a botnet stole 2 million login and passwords of some most popular sites including Facebook, Google and Twitter.

There were some similar incidents in the past when botnet was used by hackers to break into the users’ account by guessing their usernames and password. These incidents made botnet quite a menace, associated with malware attacks, DDoS, phishing and cause of other information security related threats. But it is not completely true.

A botnet or a robot network comprises a set of internet-linked programs, designed to connect with other similar programs (usually the server) to complete different tasks. Depending on its use, it can be good and bad.

In early days of their creation, bots were controlled by Internet Relay Chat (IRC) that serves the purpose of connecting to chat rooms, which people used for exchanging messages. It was a 10—15 year old practice which was replaced by instant messaging platforms including MSN Messenger, ICQ, and AIM.

Botnet – The ‘Bad Guy’

It was long ago when botnet was a ‘good guy’. These days, the control of many botnets has been shifted from IRC channels to website using HTTP.

Hackers and cybercriminals send virus, Trojans or malicious software through spam mails, links and attachments. When you click these links or open the attachments, your computer becomes a bot or zombie. This allows the hackers to control your computer from a remote location without you knowing it.

When criminals infect a large number of computers using bots (as the case in recent hacker attacking compromising 2 million accounts), the computers form a network called botnet.   

Botnets are very powerful and are used to spread viruses and attack more and more computers and servers. It also leads to serious crimes like identity theft, phishing, stealing your credentials and gaining illegal access to your bank accounts and stealing your hard-earned money.

How to deal with botnet attacks?

 The only way to deal with botnet attacks is to prevent them from infecting your computer. Try these simple but effective preventive measures:

  1. Avoid obvious passwords

It’s a thumb rule when going online. Choose strong passwords. Hackers target the obvious and common passwords such as ‘123456’, ‘123123’, ‘password’, ‘123456789’ etc as most of the novice users prefer these passwords to avoid the risk of forgetting them.

A secure password is the combination of at least eight characters containing lower and uppercase letters (AsfDZt), numerical (123456789), and special characters (!@#$%^$&*). The example of a secure password can be ‘Ap$1@pL9z%’ (you can think a better one).  Also, change your password at least every fortnight.

  1. Don’t click on spam mails

Never open a spam mail unless you know the sender. It may contain a virus or malware. Also refrain from opening mails that make unbelievable claims such as lottery or prize money you have won.

  1. Avoid ‘Admin’ as the username

 If you have a website (static or dynamic); don’t use ‘Admin’ as the username. The ‘Admin’ username has been identified as the major cause of recent attack on WordPress compromising the information security of 90,000 users.

  1. Install good antivirus software

Install a complete internet security antivirus pack in your computer. Don’t go for free versions. They provide very limited protection and are not able to block spam and other viruses.

  1. Adopt two factor authentication (2FA)

2FA or two factor authentication is an effective solution to prevent botnet attacks as it helps in overcoming vulnerabilities of a weak password. It is based on something user knows (password) and something he possesses (soft token, hard token, USB token etc).

It is possible for a hacker to decode your login password but it is difficult for him to get access to one-time password that you receive on the device only you possess.

Botnet is a serious threat and can happen to anybody. Therefore it is advised to follow these five basic rules to prevent botnet attacks.

 

Author Box
Tarun Wig has 1 articles online

 

Tarun Wig is an entrepreneur and founder of INNEFU - an information Security consulting group that specializes in meeting the Information Security needs of the consumer. He likes writing about the growing importance of <a href=" http://www.innefu.com/products-two-factor-authentication-india.php"> two factor authentication </a>, multiple token generators such as <a href=" http://www.innefu.com/hard-token-authentication.php/">hard token</a>, mobile token, soft token and more.

+
Add New Comment

Botnets and Tips to Prevent Botnet Attacks

Log in or Create Account to post a comment.
     
*
*
Security Code: Captcha Image Change Image
This article was published on 2014/01/15