December 27, 2013 No Comments-
The internet is a confusing place, filled with unknown dangers in unexpected places. And because the risks are so new, it’s sometimes difficult to keep track of the emerging threats. This article introduces bots and botnets, and how they affect everyday internet usage.
What’s a bot?
An internet bot – also known as a web robot – is a piece of software that carries out automated tasks over the internet. The most famous user of bots is probably Google, commanding millions of them.
It would be impossible for the world’s largest search engine to have employees look at each page on the internet, so it uses bots to automated the process, making it possible to visit hundreds of millions of pages in a day.
Each of Google’s bots are programmed to visit a website, make a note of the information the website provides, and then visit every link on that page. This allows Google’s robots to effectively visit every website on the internet (or at least, every page that has been linked to).
Bots are a vital part of Google’s business, and many other online services as well. In fact, the amount of internet traffic used by bots actually outweighed the traffic from real, live people using the internet this year. While human traffic accounted for 38.5% of visitors, non-human traffic was a massive 61%.
What turns bots bad?
Like most technology on the internet, bots can be used for both good and evil. It’s fair to say that Google’s spiders make the web a much better, more usable place for us humans. But of the 61.5% of web traffic by bots, 30% of that is supposed to come from malicious robots (data from [http://www.incapsula.com/the-incapsula-blog/item/820-bot-traffic-report-2013]).
That means an astounding (and terrifying) 20% of all internet traffic is from malicious bots. So what forms does this criminal code take, and what does it mean to you?
Have you ever read the user comments of news websites or blogs and thought, “this doesn’t many any sense”? That’s probably because an automated spammer robot generated the comment.
These digital annoyances are programmed to scour the web looking for comments sections and internet forums, and then post messages to them with links back to a service that their creator is trying to sell (or to a malware website).
Despite their visibility, spam bots only account for 0.5% of all robot traffic.
If you think that hackers are simply teenagers sitting in basements, think again. Many “hackers” are now automated robots, programmed to automatically search the web for vulnerabilities.
Taking up 4.5% of all non-human traffic, these hackers will automatically search for vulnerabilities in websites to exploit. Once the security is cracked, these tools will then post an advert or malware to the website, with the owners being completely unaware.
If you get infected with malware form a website that you’d normally trust, it’s typically because it has been hacked by one of these automated bots.
At 5% of non-human traffic, scrapers are the least harmful malicious bot for personal computer users. Scrapers search the web for content, duplicate it and put it back on their own page.
These trick pages can caused to web users, by enticing us into visiting the duplicated website, where criminals will serve you adverts and malware.
We explained what “DDoS” Botnets were last week, but we didn’t mention that they make up a massive 20.5% of all non-human internet traffic.
In short, these are used to crash websites and degrade their ability to provide content to users.