Video Screencast Help

Is your business part of a botnet?

Created: 13 Jul 2011 • Updated: 25 Jun 2013
Symantec Analyst Relations's picture
0 0 Votes
Login to vote

Nobody ever means to join a botnet. In general, it all starts when a piece of software is inadvertently installed on a desktop or computer. You could be doing something completely innocuous, such as browsing the Internet or opening an email attachment. Web sites associated with downloads of any kind, from innocuous clipart and device drivers to less salubrious images and videos, are all targets for people who want to see their malicious code running on your machines.

“Bots” – that is, software which can be remote controlled to do something dodgy – can be incorporated inside the installation script for any program you choose to download. As you’re in control telling the computer what to do, it has little scope for protection. “Do you really want to install this?” is the question. You answer “yes” and before you know it, your computer has become one node in a botnet – a global network of computers controlled from a central point, and designed to wreak electronic havoc.

In fact, you probably don’t know it. Bots don’t advertise their presence – in fact they do everything they can to hide, disguising themselves as legitimate programs in system libraries, for example. Indeed, bot developers are constantly looking for smarter ways to ensure they exist below the radar of the operating system and even some anti-virus programs.

The only evidence you might experience is that your computer is running more slowly than it should be. Indeed, if your machine is sluggish before you even start doing anything, this could be down to two things – either you have installed a legitimate program that is taking all of your processor time, or you have a program running illegitimately.

You should, of course, be running an up-to-date version of an anti-virus product and have undertaken a full scan of your machines recently. However, having such programs in place doesn’t mean you can just sit back and relax, for two reasons. The first of which is that bots are becoming increasingly sophisticated – in a recent example, even Microsoft suggested the only solution was to take the drastic measure of rebuilding from scratch.

The second reason is that the kinds of attacks are also becoming more complex. As we wrote here, the number of spam messages has dropped significantly in recent months. Spam – the sending of unsolicited email – was a major use of botnets but it may well be that resources are being switched to higher-impact, and potentially more lucrative distributed denial-of-service attacks.

The bottom line is – be vigilant. It may be difficult to guard against what downloads are taking place, particularly if some employees work from home. At the very least make sure your IT kit is up to date in terms of security protections, and keep an eye on news and community sites such as this one. Forewarned is fore-armed.