From the course: The Cybersecurity Threat Landscape
Explore the threat of botnets and DDoS attacks
- [Instructor] While the term botnets may conjure up images of robots taking over the world like in a sci-fi movie, the reality is different. Let's take a look at botnets and DDoS attacks. A botnet is a collection of computers or internet of things devices, which have been infected by malware, allowing a malicious actor to take remote control of them. Because so many systems can come under one attacker's control, botnets can become a serious force multiplier, allowing an attacker to inflict a lot more damage than they could accomplish on their own. And compromised systems that become part of a botnet are sometimes called zombies because they are no longer able to control their own actions. Once compromised, botnets can be used for many types of cyber attacks, including distributed denial of service, or DDoS, attacks, spam and fishing campaigns, spreading malware, brute force and other cyber attacks, and crypto mining. The terms botnets and DDoS attacks are related, but not the same. Botnets are the actors. DDoS attacks are the actions. A DDoS attack is an attempt to make an online service, usually a website, unavailable by overwhelming it with traffic from many sources. With sometimes thousands of zombie computers at their disposal, attackers will often use botnets to flood their target websites with millions of HTTP browser based requests per second. These traffic floods can disrupt or completely block the services of targeted websites, and DDoS attacks can last hours, days, or even weeks. In fact, one DDoS attack in 2021 lasted more than 776 hours, which is over a full month. DDoS attacks are frequently used for extortion. The attackers behind botnets will often send emails to organizations threatening to launch the DDoS attack if a ransom isn't paid. If they don't get the ransom, they'll gradually ramp up the DDoS attack to put pressure on their victims to pay quickly. Because botnets are so common and they can be used to make a lot of money, some botnet owners sell DDoS attacks as a service. DDoS as a service enables any criminal to conduct these attacks without needing any technical skills or resources of their own. The ever increasing number of poorly secured internet connected devices and the chance to use them to make money is driving the growth of botnets and DDoS attacks. This is why we can expect botnets and DDoS attacks to continue playing a big role in the cybersecurity threat landscape for some time.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.