Botnets Continue to Plague Cyberspace

The first botnet traces back to the EarthLink spammer in 2000. Created by Khan K. Smith, this botnet sent 1.25 million emails and gleaned $3 million before Smith was eventually sued for $25 million by EarthLink, the owner of the network he was abusing.

This first-edition botnet sparked a wave of cybercrime, with botnets reaching their first peak in 2007-2008 with the likes of Storm, Cutwail, Grum, and Kraken. Although all of these have since been shut down, some remnants of them can still be found in cybersecurity systems even today.

Despite the attempts to shut down botnets, the threat can never truly be removed. Nearly two-thirds of all Linux-based malware stems from a particular botnet known as Mirai, whose college-student creators were located all the way back in 2016. The Mirai botnet was initially created to give its users an edge in the popular computer game Minecraft, but it soon grew out of control, and its variants run rampant through vulnerable systems to this day.

Although there are plenty of legacy botnets for cybercriminals to access, one defining feature of cyberspace is its ability to constantly innovate and adapt. A brand-new botnet known as Meris has begun to make a name for itself amongst the botnet giants. It was responsible for a record-breaking 21.8 million requests per second (RPS) attack on the Russian-based internet company Yandex, completely dwarfing the previous record-holder, which operated at 17.2 RPS. The Meris botnet exploited a previous vulnerability in MikroTik routers, gaining access via users who opted for less-than-secure passwords.

Once an exploit is found in a system, it’s likely that all devices that share the same vulnerability will also be affected. A honeypot research campaign led by DDoS mitigation provider NETSCOUT discovered around 200,000 botted devices participating in 2.8 million DDoS attacks across the globe in just 6 months. The vast majority of these bots were located in China, India, and Russia, and participated in a variety of attacks across all sectors and locations.

These attacks reached a peak in the first half of 2021 at 5.3 million, an 11% increase from 2020, with one ransomware group collecting a total of $100 million in payments to release a network from the attack.

Protecting your network from botnets

Where botnets are concerned, there are two points to consider when creating a mitigation strategy. Networks must not only protect themselves from the rise in cybercrime and DDoS attacks, but also prevent their own devices from being absorbed into a botnet.

Educating network users on the tactics utilised in phishing and other malware-spreading methods is the first step in preventing your network from being exploited. And as for protecting yourself from the rising onslaught of DDoS and ransomware attacks, we can help!

Here at RedSpam we are experts in all things cybersecurity and can help you get the best network protection to suit your security budget. With extensive experience in cyber defence and training, we can tailor a solution perfect for your business. Contact a RedSpam specialist today to find out more.