FBI: The Battle Against Botnets
Wednesday, October 29, 2014
Botnets—nefarious networks of computers infected by automated malware programs—are on the rise, and as we come to the end of this year’s National Cyber Security Awareness Month, we’d like to call your attention to what the FBI—along with our public and private sector partners—is doing about them and how you can minimize your chances of unknowingly becoming part of one.
Botnets can be used in distributed denial of service (DDoS) attacks, proxy and spam services, malware distribution, and other criminal organized activity. They can also be used for covert intelligence collection, and terrorists or state-sponsored actors could use a botnet to attack Internet-based critical infrastructure. And they can be used as weapons in ideology campaigns against their target to instigate fear, intimidation, or public embarrassment.
The impact of botnets has been significant—they are estimated to have caused more than $113 billion in losses globally, with approximately 375 million computers infected each year. Botnets have attacked financial institutions and other major U.S. businesses along with universities, hospitals, defense contractors, and law enforcement and government agencies.
To address the most significant botnets threatening the U.S. economy and our national security, the FBI launched the Operation Clean Slate initiative. Operation Clean Slate, spearheaded by the National Cyber Investigative Joint Task Force (NCIJTF), is a comprehensive public/private effort that targets the criminal coders who create these botnets. The 2-year-old initiative—which incorporates all facets of the U.S. government, international partners, major Internet service providers, the U.S. financial sector, and other private sector cyber stakeholders—has already seen successes, including actions against the Blackshades, GameOver Zeus, and Citadel botnets.
How can you protect your own computer from becoming part of a botnet? Here are a few tips:
- Make sure you have updated antivirus software installed.
- Enable automated patches for your operating system.
- Use strong passwords, and don’t use the same one or two passwords for everything.
- Don’t open attachments in unsolicited e-mails, and never click on URLs contained in unsolicited e-mails.
- Download free software only from sites you know and trust.