Block bad bots: How to stay safe when your enemy is automated
Many dystopian sci-fi stories feature some breed of robots taking over the world. While this large-scale robotic takeover has yet to unfold, “bots” have actually made quite a dent in our society, particularly over the internet.
Bots are pieces of software that run automated tasks (scripts) through the web. They typically perform tasks that are simple and structurally repetitive, at a rate much faster than humans. They can be used positively or negatively, and they’re much more prevalent than you might realize, with about 52 percent of all web traffic coming from bots.
Here’s what you should know about bots, and how you can prevent malicious ones from infecting your systems.
What is a bot?
Bots aren’t particularly complex, but their functions can vary greatly. Good bots can gather information (like the web crawlers for Google’s search engine), automate interaction in instant messaging applications, and enable dynamic interaction with websites, among other tasks.
Bad bots also have a number of potential uses. Spambots, which harvest information such as email addresses from contact or guestbook pages, are particularly common for both consumer and corporate users. These bots accumulate email addresses from online lists and send them unsolicited email, often containing malware or phishing messages.
Other uses include downloader programs that suck up bandwidth, website scrapers that grab website content and re-use it (without permission) on automatically generated doorway pages, viruses and worms, and botnets that can fuel massive DDoS attacks.
In 2013, the Mirai malware infected more than 380,000 internet-connected devices using manufacturer-designated usernames and passwords that were publicly known and that many users hadn’t changed. The resulting botnet shut down large portions of the internet along the East Coast with a DDoS attack that cost an estimated $110 million in lost revenue.
Detecting and preventing bots
Detecting bots isn’t a particularly easy thing to do. In most cases, the best indicators of bots are a slow system or network, a locked up or flickering screen, and passwords that don’t take when you enter them correctly. In most cases, bots will affect your internet traffic much more than local applications.
If your device is exhibiting these symptoms, compare them to others on the network or at home and see if it’s a problem with other devices similar to yours in age or use. If it’s not, there’s a chance you could have malicious bots in your system. In some cases, your IT security and malware protection may be able to remove them, once identified. Some bots may be written so simply that a simple restart or update is enough to disrupt the bot’s instructions, clearing it off your system.
To avoid spam and phishing schemes specifically, there are certain clues to look for:
- Emails in which the sending address doesn’t match the actual sender. Rather than check just the contact name, make sure to check the actual email address of the sender. If it isn’t coming from an official source, it might be a bot masquerading as a familiar face.
- Links that show suspicious or unfamiliar URLs when you hover over them. Never click a link if you aren’t sure where it leads. Instead, hover over the text to see that it leads where it says it’s going to, and that the website is familiar.
- Unsolicited suggestions to reset your password. If a website suggests you reset your password, go to the site itself through your web browser and reset from its official page.
- Spelling mistakes. Bot-generated emails continue to struggle with simple mistakes such as spelling, so this can be a tipoff.
When it comes to defeating bots, the best offense is a good defense. Vulnerability patching, firmware upgrades, periodically changing credentials, traffic inspection, and continual security assessments such as penetration tests remain the best ways to fight malicious bots. Keep up to date on security across anything connected to your network—including your internet-connected devices.
Many IoT companies are not vetted for IT security, and don’t have sturdy methods in place for updating or maintaining security measures. Check that your IoT devices offer continual or automated patching and security updates, and look into how quickly the company has responded to security threats in the past.
Unfortunately, the bad guys often know your security measures better than you do. You have to find any way to stay one step ahead of them.
Bots are out there
Malicious bots will continue to be a huge problem, so it’s critical to know how to avoid them where you can. In fact, experts are currently sounding the alarm about the emergence of an incredibly powerful strain of IoT attack malware, known as Reaper or IoTroop, which spreads via security holes in IoT software and hardware. So far, they say it may have infected up to a million devices.
It can be difficult to tell if you’re already infected, so it’s important to take preventative measures against bots and stay aware of the many ways they could infect your system. The bots may not be ushering in an age of science fiction dystopia, but they can still damage your system if not properly dealt with.