Botnets have become one of the biggest threats to cybersecurity. Botnets, a form of malware that infects networks of devices, have been used by hackers since the early 2000s. However, the Internet of Things has made these attacks all the more ubiquitous. With devices from kitchen appliances to smart watches all connecting to the internet with little to no security, hackers now have an unprecedented network of devices to compromise.
China has dominated the global network of botnets, with the largest number of botnets in the world. In the past month, the Kaspersky Lab reported that 17,060 botnets were detected in China. The U.S. ranks as the second biggest user of botnets; however, China dominates the botnet networks. The botnet activity in China is nearly 80% higher than the U.S.’s 7,350 bots.
Bots can be used for a variety of purposes. In China, chatbots are a widely accepted form of artificial intelligence, often used to assist customers online in service industries. In the U.S., bots have overwhelming control over the stock market. The use of computer programming and quantitative data to make investments has taken over investing in the stock market. Quantitative investors make up 60% of equity assets, CNBC reported, citing a report from JP Morgan’s global head of quantitative and derivatives research Marko Kolanovic. The data indicated that the number of discretionary investors has decreased to 10%. The use of data-driven investing has also rapidly expanded, growing from 30% a decade ago.
The danger of botnets is widespread. Botnets can infect entire computer systems in DDoS (distributed denial of service) attacks that help robots access sensitive information and shut down servers and websites completely. Russia used bots to run social media campaigns to influence the 2016 U.S. election, according to NPR. Russian hackers used botnets to infect posts on Facebook and Instagram that boosted Donald Trump and ridiculed Hillary Clinton. Despite allegations of election-tampering, Russia’s botnet activity is ranked below the U.S., China, and South Korea with 1,199 botnets in the past month.
According to the Kaspersky Lab, new botnet risks have emerged in 2017. In February, the cybersecurity company reported that a Chinese hacker used a Mirai botnet to infiltrate Windows systems. Mirai, which infects internet of things devices with DDoS attacks, infected Windows to control digital recording devices and internet patrol cameras. The Mirai botnet is highly advanced: in October 2016, the malware impacted the entire U.S. East Coast’s internet service, prompting investigations from the FBI and the Department of Homeland Security.
In May, President Trump released an executive order to reduce botnets that propel such monumental attacks. However, the systems avoid termination, due to the influx of internet of things devices. Internet of things devices, which include smart watches, connected cars that have internet access, and smart home devices such as the Amazon Echo, have little or no barriers to access.
“Internet of things devices are not designed with security in mind and often have no way of being patched,” said Bruce Schneier in a recent article for the MIT Technology Review. “The things that have become part of Mirai botnets, for example, will be vulnerable until their owners throw them away. Botnets will get larger and more powerful simply because the number of vulnerable devices will go up by orders of magnitude over the next few years.”
Along with an executive order, the U.S. Justice Department announced that it would take down the Kelihos botnet, which had been run by a Russian hacker since 2010, according to Reuters. The Kelihos botnet has infected Windows operating systems.
Despite Russian involvement in botnet activity, the country is ranked as one of the least vulnerable to attack by the Kaspersky Lab. The most vulnerable countries this past month are the U.S., China, and Germany. With the number of botnet attacks accumulating, countries worldwide need to prepare secure systems to combat future attacks.
The Defense Advanced Research Projects Agency’s Plan X program is working to help military cyber operators visualize the cyber battlespace and perform missions there based on an established cyber framework and a common operating picture. Plan X is a foundational cyberwarfare program whose engineers are developing platforms the Defense Department will use to plan for, conduct and assess cyberwarfare in a manner similar to that of kinetic warfare. DoD photo.