Good Bots, Bad Bots, & Terrifying Armies of Zombie Bots

More than half of all internet traffic is bots. There are good bots, and bad. There are armies of slave bots, called botnets, that will spring into villainous action upon command of their master.

GoT's army of undead started as primarily human, but gained a more diverse set of conscripts - giants, horses, wolves, bears, and even a dragon. So it also goes with the botnet armies. As connected devices flourish, security cameras, DVRs, refrigerators, webcams, routers and washing machines join the legions of computers forced to do their evil masters' bidding.

Recently Hyphbot made news when it was discovered to be bilking digital advertisers of up to $1.28 million a day over a period of at least several months. That bot network enslaved up to 500,000 machines and put them to work generating up to 1.5 billion fake ad requests a day.

In addition to generating fake web traffic to rip off advertisers, bad bots conduct all sorts of nasty activities. They steal email addresses and send spam, they create fake posts in forums, gobble up tickets for brokers, and scrape information from websites.

Then there are social media bots, of which there are many millions. We have learned that Twitter bots are fake accounts that impersonate humans. There are networks of linked Twitter bots that can work together to achieve an objective. Amplifying a message is a common use, and bots can make a hashtag trend, or distort debate and spread false information.

But how about other, good bots? Chatbots, for example, are often not too smart, but we know they mean well – they try to help us, and they answer our questions.

Some people believe bots will in time replace apps and websites. VCs are pouring millions into bot-related companies, and tech pundits predict they are the next big thing. Bots are fast, and they will get smarter, to the point they understand everything a person says. They could handle all customer interactions for a company – they’d have the answer to every question, could fill orders, resolve complaints, and never get cranky.

These days there are bots for seemingly everything – they help with scheduling and productivity, and deliver weather updates. Shopping bots find the best price for products you want, financial bots give you advice and help with your checking account, fashion bots suggest things you’ll like based on preferences, cannabis bots cover a range of weed-related matters, local restaurant bots hook you up with ideal spots to eat, and there are even bots for making bots.

Among types of good bots are spiders and crawlers, aka search engine bots. These bots are simply programs built to perform repetitive, automated tasks, and to do so very quickly. Search engines constantly have battalions of them crawling websites. Feed fetcher bots gather the information that comes in to refresh a feed, such as an RSS feed or on Facebook’s mobile app.

But let's get back to the botnets, which certainly pose the greatest threat on the internet. As IoT devices proliferate (predictions are that there will be nearly 21 BILLION connected devices by 2020), each is a potential recruit to a zombie army. Bot Masters devise an assault plan and direct the troops to attack the selected target.

A Distributed Denial of Service (DDoS) attack is one devastating type of assault. In a DDoS attack, the army goes after a site, sending millions of requests to the servers that host it. The servers are overwhelmed by the flood of traffic and shut down.
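As an added illustration (not part of the original post), the sketch below runs two defensive checks over constructed request records: a per-source rate limit and an aggregate-volume check per time window. It shows why a flood spread across many devices can stay under every per-source limit yet still stand out in total volume; the thresholds, window size and addresses are assumptions chosen for the example.

```python
from collections import defaultdict

WINDOW = 10           # seconds per bucket (assumed)
PER_IP_LIMIT = 20     # assumed per-source request cap per window
SURGE_FACTOR = 5      # assumed: alert when a window exceeds 5x the median

def build_sample():
    """Constructed (second, source_ip) records; not real traffic."""
    events = [(t, f"198.51.100.{t % 5}") for t in range(60)]  # 5 normal clients
    # Seconds 40-49: 400 distinct devices send just 3 requests each.
    for i in range(400):
        for k in range(3):
            events.append((40 + (i + k) % 10, f"198.18.{i // 250}.{i % 250}"))
    return events

def analyze(events):
    buckets = defaultdict(lambda: defaultdict(int))
    for second, ip in events:
        buckets[second // WINDOW][ip] += 1
    totals = {w: sum(c.values()) for w, c in buckets.items()}
    median = sorted(totals.values())[len(totals) // 2]
    findings = []
    for w in sorted(buckets):
        findings.append({
            "window": w,
            "total": totals[w],
            "sources": len(buckets[w]),
            # Check 1: any single source over its own limit?
            "per_ip_hits": sorted(ip for ip, n in buckets[w].items() if n > PER_IP_LIMIT),
            # Check 2: is the whole window far above the typical volume?
            "surge": totals[w] > SURGE_FACTOR * median,
        })
    return findings

if __name__ == "__main__":
    for f in analyze(build_sample()):
        print(f)
```

In the constructed data no single source ever trips the per-source check, while the window containing the flood is flagged by volume and by its jump in distinct sources.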

A DDoS attack can be devastating for a business. But worse is when the attack is on a company that is part of the internet framework, providing a service that allows people to connect to websites. The Dyn attack occurred in late 2016, and affected giant areas of the US. Some of the most widely accessed websites were made unavailable.

That zombie army was made up of webcams, baby monitors, DVRs, security cameras, connected washing machines and refrigerators, routers, and more. Security on IoT devices is pathetic, and most consumers can't be bothered to change the default password that the device comes with. So every unprotected device and gadget is simply waiting for a hacker to recruit it.

Once the hacker takes control of a device, the hacker infects it with malicious code, links it into the botnet, and tells it to wait for instructions. The device putters along as usual and the consumer is none the wiser. Once the attack launches, the device is activated to join its enslaved compadres in a mindless, unrelenting assault.

DDoS attacks have taken down part of the Ukraine power grid numerous times in the last few years, in addition to numerous other disastrous cyber assaults. Many security experts believe Russia is using Ukraine as a testing ground for cyber weapons intended for the US.

Our Critical Infrastructure is vulnerable, some sectors more than others. Ponder the possible chaos and destruction if attacks took down part of the electric grid, assumed control of floodgates on dams, disrupted subway service, diverted trains, brought down financial institutions or stock markets, or suspended cell phone and other communications.

Hacktivism is hacking for a cause, often to promote social change or a political agenda. Botnets are increasingly the tool of choice, and DDoS attacks by hacktivists are expected to continue increasing in frequency and severity. Think Mr. Robot.

Here's more bad news. You don't have to be an elite White Walker of Cyber Crime to command a zombie IoT army. Nope. You can rent one for $100 or so, depending on the scope and duration of your objective. Want to hurt a competitor, make a point, or just have some evil fun? No problem. You can even pay with PayPal.

So when The Wall is breached by legions of webcams, refrigerators, baby monitors and DVRs... when the subway stops between stations, you can't get to Amazon, or the lights won't turn on... ask yourself if perhaps you shouldn't have changed that default password.