The importance of botnets in computer security

Several of the characteristics of botnets are not only significant in and of themselves, but are emblematic of some of the unique challenges that cyberwarfare as a whole presents.

This is part of a series run by Stratfor with some additional commentary (and jokes) by me.

Analysis

Botnets are a conglomeration of thousands (or more) of hijacked computers known as zombies. These networks can amass the processing power of many computers and servers from all across the globe and direct them at targets anywhere in the world. Botnets are used not only in massive spam campaigns on a daily basis but also in cyber-security attacks.

In DDoS attacks, individual bots can direct their computers to repeatedly access a particular target network or Web site — with the entire network of zombies doing so at the same time. These kinds of attacks, depending on their scale and the target system’s ability to cope, can begin to degrade accessibility or completely overwhelm and shut down access to that network, Web site or server. Bots can also autonomously exploit a user’s address book and e-mail server to send out spam or infected e-mails or distribute other types of malicious software — including copies of themselves to further expand the network.

The good botnets have their software written and controlled by individuals; these botnets are often controlled by subnational actors — be they hackers, terrorist organizations or cybercriminals. Less effective botnets can be created by downloading existing software from the Internet, but because that software is widely available, systems with up-to-date security software are generally already protected against it. In stock trading, it's kind of like trading the news -- there's no point because once it's widely distributed it is already priced in.

Ultimately, DDoS attacks can be a particularly crude method of challenging advanced systems. But while some technologies have been developed to help reduce their effectiveness, thus far this fairly simple technique has continued to hold its ground against improvements in computer security, especially for short-duration disruptions, and it remains the most effective and unstoppable method of attack with large botnets. Even if DDoS attacks cease to be an effective tool, the capability to muster a massive pool of processing power will likely remain a key aspect of cyberwarfare for some time to come.