Call us:    +44 (0) 207 0439 349        Company      Contact us

What is a botnet?

Posted by on Apr 27, 2013 in Security BlogNo comments

Have you been a victim of a botnet attack?

Often when people face attacks against their website infrastructure they are left being told that their website was attacked by a botnet. To the non technical this means absolutely nothing, and of course most people are left thinking, what is a botnet?

What is a botnet?

A botnet is a collection of compromised computers, which can vary in number depending on how widely spread the attackers virus/worm is. The size of a botnet may range from 5 to 1 million computers strong, and may be compromised of Windows, Linux and Mac computers. All of the infected computers are controlled remotely by the hacker, which often coordinates attacks from a central ‘command and control’ server. A command and control server is a central platform that all of the compromised computers connect to once online to accept new commands from the hacker. From this command server the hacker may instruct all the bots with commands to do various things such as, attack a website, scan for more computers to hack and infect, update bot code etc.

How does a botnet attack work?

DDoS attack simulation example

 

Above image shows how a botnet is coordinated by a criminal hacking group aka ‘botnet masters’. They send signals to thousands of compromised PC’s which are controlled from Command & Control Servers that act as a central gathering place for all the zombie PC’s to connect to when online. These servers are often compromised high powered servers, or server that have been purchased with hacked credit cards from the harvested data on the zombie PC’s. Once the command is given, the zombie PC’s can flood the victim’s server offline, putting and end to business operations, often until a ransom is paid.

What is DDoS?

DDoS stands for Distributed Denial of Service, and is the most common attack technique that botnets use. The idea behind it is to deny a service i.e a website from working by flooding the server with massive amounts of requests that stop the web service from working correctly and eventually take the website offline (see above image).

How Security Audit Systems can help

Security Audit Systems offer a variety of solutions to counter botnets, whether your network has been infected with one, or you are the victim of an on-going DDoS attack. Please visit our DDoS Protection page to view all of our available services.

Registered Memberships and Partners:

OWASP - Open Web Applications Security Project
ISSA UK - Information Systems Security Association UK
NIST - Computer Security Division of NIST
UKITA - UK Information Technology Association
ISF - Information Security Forum
ISACA - Information Security Audit & Control Association

  • Latest Tweets

    • Britain's security has been threatened by 188 high-level cyber attacks in the last three months, according to a government security chief.

    • Libraries across the city of St Louis are gradually regaining control of their computer systems, following a malware attack on 17 Libraries.

This website uses cookies to improve user experience. By using our website you consent to all cookies issued by this website.
I agree Disagree