What countermeasures can be taken against botnets?


The term botnet is derived from robots (bots). A botnet, also known as a zombie network, is a distributed network of many thousands of Internet-connected computers that have been infected with bots. The bots of a botnet are activated by a central point or a botnet herder via malvertisement. Botnets are often used for illegal tasks, but they can also perform legal ones.

One use of botnets lies in cybercrime. The idea is to bundle many computers and have them jointly attack a target system so that it can no longer perform its functions. For this purpose, many personal computers, usually private desktops, are infected with malware without the knowledge of their users and are combined by the botnet operator to form a large network.

The bots, also known as zombies, on the infected personal computers are centrally controlled and activated by the botnet operator, or bot master. The control functions are handled by the command and control server (C&C). Control includes retrieving data from the bots and transmitting new instructions. The botnet operator uses the computing power and resources of hundreds or thousands of PCs infected with bots. On command, the botnet can overload computer systems, company networks or entire Metropolitan Area Networks (MAN) so that the servers fail. For this purpose, all infected PCs are controlled so that they simultaneously trigger DoS and DDoS attacks or other flooding, spread viruses, hit mail servers with mail bombs or spam, or send phishing emails. To disguise the server address and its location, cyber criminals work with Fast-Flux, a mechanism in which the domain name changes constantly at very short intervals.

Such botnet services are often ordered by cyber criminals and can flood individual computers, entire computer systems, company networks and entire city networks without countermeasures being taken.

According to Telekom, botnets fired 5.3 trillion data packets at Telekom's landline and mobile network in April 2019. The previous year's value was 330 billion.
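
One defensive check for the simultaneous flooding described above, as an added example that is not part of the original article: it scans flow records for a destination that receives a large packet volume from many distinct sources within a short time window, which separates a distributed flood from a single noisy sender. The record layout, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sample flow records: (unix_time, source_ip, dest_ip, packets).
# Addresses come from documentation ranges (RFC 5737); none are real hosts.
SAMPLE_FLOWS = (
    # 40 different sources hitting one server within five seconds
    [(100 + i % 5, f"198.51.100.{i}", "192.0.2.10", 400) for i in range(1, 41)]
    # one busy client talking to another server (high volume, single source)
    + [(100 + 3 * i, "203.0.113.7", "192.0.2.20", 900) for i in range(10)]
    # sparse background traffic to the first server
    + [(95 + 20 * i, f"198.51.100.{200 + i}", "192.0.2.10", 5) for i in range(4)]
)

def detect_floods(flows, window=10, min_sources=25, min_packets=10_000):
    """Return alerts for destinations hit by many distinct sources at once.

    An alert fires the first time a destination receives, within `window`
    seconds, at least `min_packets` packets from at least `min_sources`
    different source addresses. The default thresholds are illustrative.
    """
    recent = defaultdict(deque)  # dst -> deque of (time, src, packets)
    alerted = {}
    for ts, src, dst, pkts in sorted(flows):
        q = recent[dst]
        q.append((ts, src, pkts))
        # Drop records that have slid out of the time window.
        while q and q[0][0] <= ts - window:
            q.popleft()
        if dst in alerted:
            continue
        sources = {s for _, s, _ in q}
        total = sum(p for _, _, p in q)
        if len(sources) >= min_sources and total >= min_packets:
            alerted[dst] = {"dst": dst, "first_seen": q[0][0],
                            "detected_at": ts, "sources": len(sources),
                            "packets": total}
    return list(alerted.values())

if __name__ == "__main__":
    for alert in detect_floods(SAMPLE_FLOWS):
        print(alert)
```

Requiring both a source count and a packet volume keeps the single busy client in the sample data from raising an alert.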