Read the book Bots - Nick Monaco - Page 27
Lots of bots – botnets
Automated agents often work in concert with one another in “botnets” (short for “bot networks”) – a network of computer programs that work together to accomplish the same goal. The networked bots’ functions need not be identical: often, the bots in a network perform complementary functions (Cresci, 2020). For example, imagine a small network of Twitter bots that promote the hashtag #TacoTuesday on Twitter. The network might have 100 bots split evenly into seeders and promoters, with the 50 seeder bots dedicated to sending out pre-composed tweets that include the hashtag #TacoTuesday and the remaining 50 promoter bots used to retweet and like posts from the seeders. None of the 100 bots necessarily need to follow each other in order to be considered a botnet – they only need to be working toward the same goal. This group of 100 bots is therefore a botnet, for they share the common goal of promoting #TacoTuesday.
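The seeder/promoter split described above leaves a recognisable trace in activity data: accounts that never post originals and all amplify the same small set of authors. The following detection heuristic is an added example, not code from the book; the event format, account names, thresholds and the function name `find_amplifier_cluster` are assumptions made for illustration.

```python
from collections import defaultdict
from itertools import combinations

# Constructed sample events: (account, action, hashtag, original_author).
# original_author is None for original posts.
EVENTS = [
    ("seed1", "post", "#TacoTuesday", None),
    ("seed2", "post", "#TacoTuesday", None),
    ("promo1", "retweet", "#TacoTuesday", "seed1"),
    ("promo1", "like", "#TacoTuesday", "seed2"),
    ("promo2", "retweet", "#TacoTuesday", "seed1"),
    ("promo2", "retweet", "#TacoTuesday", "seed2"),
    ("promo3", "like", "#TacoTuesday", "seed1"),
    ("promo3", "retweet", "#TacoTuesday", "seed2"),
    ("alice", "post", "#TacoTuesday", None),
    ("bob", "post", "#TacoTuesday", None),
    ("bob", "retweet", "#TacoTuesday", "alice"),
    ("carol", "retweet", "#TacoTuesday", "seed1"),
]

def jaccard(a, b):
    """Overlap of two sets, from 0.0 (disjoint) to 1.0 (identical)."""
    return len(a & b) / len(a | b)

def find_amplifier_cluster(events, hashtag, min_overlap=0.8, min_size=3):
    """Return (promoters, seeders): accounts that only amplify, and whose sets
    of amplified authors overlap pairwise by at least min_overlap."""
    posters = set()
    targets = defaultdict(set)
    for account, action, tag, author in events:
        if tag != hashtag:
            continue
        if action == "post":
            posters.add(account)
        else:  # retweet or like of someone else's post
            targets[account].add(author)
    # Pure amplifiers: no original posts, at least two distinct amplified authors.
    amplifiers = {a: t for a, t in targets.items()
                  if a not in posters and len(t) >= 2}
    # Link amplifiers whose target sets are nearly identical.
    linked = defaultdict(set)
    for a, b in combinations(sorted(amplifiers), 2):
        if jaccard(amplifiers[a], amplifiers[b]) >= min_overlap:
            linked[a].add(b)
            linked[b].add(a)
    promoters = {a for a, peers in linked.items() if len(peers) + 1 >= min_size}
    seeders = set().union(*(amplifiers[a] for a in promoters))
    return sorted(promoters), sorted(seeders)
```

Note that the check needs no follower graph, which matches the point that the bots do not have to follow each other; a flagged cluster is a lead for review, since fans of the same accounts can produce similar overlap.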
Botnets are not necessarily networks of social bots, like our #TacoTuesday botnet. The word botnet is also used to designate a network of compromised devices – the zombie bots described above. When a hacker gains administrative access to a computer, they can use that computer to perform any task, often without the owner’s knowledge. (Here, we mean “computer” in the broadest sense: any internet-connected device capable of receiving and carrying out instructions.) When a large number of these compromised internet-connected devices are networked together, a single hacker has a surplus of computing power that they can use to do whatever they want: steal the computer owners’ private information, exploit the spare computing power to make money by mining cryptocurrencies (cryptojacking), or use them to crash targeted websites via distributed denial-of-service, or DDoS, attacks.
DDoS attacks work by vastly overloading a website, driving so much traffic to it that its infrastructure collapses – imagine 10,000 cars all trying to get off of a one-lane highway exit at once, or a lecture hall of 1,000 students all asking the professor a question at the exact same time. These DDoS attacks have gotten larger and larger, driving larger and larger amounts of traffic to sites via botnets, because there is an enormous and growing pool of devices available for compromise: the rapidly growing Internet-of-Things (IoT). IoT is a term used to describe internet-connected devices that we may not traditionally think of as computers – DVD players, refrigerators, smart doorbells, laundry machines, TVs, cars, drones, baby monitors, etc. Because these internet-connected mundane household appliances are rarely designed with cybersecurity in mind, they are far too easy to compromise and turn into botnets. For example, in 2016, the Mirai botnet used over 400,000 internet-connected devices to bring down servers at the French web hosting service OVH and the web application company Dyn. The attack disrupted the services of several popular websites, including Amazon, Netflix, the New York Times, and Twitter. (Most of the compromised devices were hacked using a list of just 62 default usernames and passwords commonly used on IoT devices (United States Cybersecurity & Infrastructure Security Agency, 2016).)