As with most depictions of mechanical folk in science fiction, robots on the internet can be good or evil, helping the various functions of the web along or working to bring it down. According to security firm Incapsula, the proportion of both good and bad bots to humans on the internet grew in 2016, with robotic users constituting 51.8% of all traffic online. As that number increases, bots’ fame or notoriety grows and they start to become part of the public consciousness. For instance, a bot called Mirai shut down part of the internet in 2016.
Even if a user is ignorant to the existence of bots, their impact is felt by everybody. Mirai attacked a company called Dyn, which is responsible for the structure of the internet, and thus connected in some way or another to sites like The Guardian, Netflix, CNN, Twitter, and Reddit, all of which experienced outages or poor service.
The obvious question even for your grandma to ask is what are bots?
Cybercriminals
Bots are pieces of code that do automated things. For instance, Google uses harmless bots to scan or “crawl” websites for information; that data is then used to assemble search engine results pages. Similarly, an organization might utilize a bot like Uptime Robot to monitor a server or website to make sure it’s both available to web users and functioning correctly.
Good bots’ evil counterparts are employed by spammers, who use them to paste annoying messages in comment sections (“my sister is earning X amount of money working at Y company”), and by cybercriminals hunting for weaknesses in a website’s security. Bad bots include Nitol, malicious code that hijacks PCs and uses them in vast swarms to overload services with data until they collapse, a trick known as a Distributed Denial of Service attack.
Malware Attacks
Bots can present a moderate risk to the everyday computer user, especially in the case of Nitol, a “trojan”, a type of malware that pretends to be something else (like an anti-virus program) to persuade people to install it. Bad bots often prey on inexperienced users and people who aren’t paying attention to what they’re clicking on.
Staving off malware attacks can be trivial as many anti-virus programs do offer trojan detection as standard. For instance, a look at an antivirus comparison site indicates that all five of the top antivirus software solutions, inclusive of BullGuard, Norton, and McAfee, list trojan protection alongside more advanced features like anti-phishing measures.
Security Cameras
Any given user does have some control over their risk factor as far as bad bots are concerned. For example, links in unsolicited or otherwise unexpected “spam” emails are a popular delivery method for trojans and other malware so don’t click on them. Poor username and password combinations are also a key contributor to cybercrime statistics.
Bad bots have to find a way onboard to hijack a system. One of the ways Mirai got around so quickly was by exploiting human laziness, installing itself on internet-ready devices that were unsecured or still had their factory password in place. With that in mind, Mirai’s “botnet”, a vast swarm of bad bots, was actually an army of hijacked security cameras, baby monitors, printers, and routers.
As a final point – why use bots at all? The simple answer is that both good and bad bots are indefatigable – they don’t get bored or tired. They also work much faster and are less prone to error than their human colleagues. A good example involves Sentry MBA, a type of password cracking software that simply tries different credentials to break into accounts until it’s told to stop. So tell your grandma not to worry: not all bots are bad.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.