Botnet Attacks Using the Internet of Things
The Internet of Things (IoT) provides hackers a large attack surface that can be used to carry out botnet attacks. Today’s cheap, internet-capable devices can make excellent candidates for becoming part of a botnet because they are often poorly protected and lack the functionality needed to prevent attackers from exploiting them.
Once a device has been hacked, it becomes infected with malware that connects back to the hacker’s botnet server through a communication protocol like Internet Relay Chat (IRC) or HTTP. At this point, the hacker can begin distributing commands to the bots. A bot herder can use command programming to instruct each device to perform various malicious activities or cyber attacks including stealing user data, launching DDoS attacks, spamming, crypto mining, and more.
Most commonly, hackers use botnets to steal money and gain respect among their criminal peers by showing off how many machines they can control. A successful botnet attack can be lucrative enough to justify the expense of hacking the software and hardware required to create it.
Hackers use a variety of strategies to deploy and manage botnets, but most of them are based on one of two structural models. A client-server botnet has a hierarchical structure with the server sitting at the top of a hierarchy of infected machines. In contrast, a peer-to-peer botnet is made up of devices that act as both clients and servers, making them harder to detect and shut down. Peer-to-peer botnets are also more resilient than client-server structures, and can continue to operate even if the C&C server is taken down.