JDPFu.com 2025

Are You Part of a Botnet?

Every time I speak with someone who isn’t worried about viruses on their computer(s), they always say, “there’s nothing important on my PC.” That may be true, but most viruses are not just about the data on your PC. Those nefarious programs are about using your PC and your high speed connection for whatever tasks the virus writers desire. Basically, they want your PC to be part of their botnet.

Botnet Uses

Botnets are distributed networks of computers that check in every few hours or every few days to a control group of PCs that tell each PC what to do. Botnet-controlled PCs are told to

1. search the internet for other PCs that can be infected; always adding more is important
2. send spam email for pron or drugs (Buy Viagra!) to get cash
3. request specific attacks on specific computers and networks to take targets off line
   1. force companies to pay a ransom to stop network-based attacks
   2. prevent time sensitive communication (block critical events)
   3. take pretty much any company off the internet

Combating Botnets

Botnet attacks begin with a flood of requests to the target server and network. Initially, those packets are not very complex and all look the same. If the target has the experts available, blocking those simplistic attacks the connectivity provider and letting just real user packets is easy. A committed attacker would change the attack to appear like normal users and dynamically use slightly different packets from each of the botnet controlled PCs so the protecting experts wouldn’t be able to use a simple blocking rule. With every counter move from the protectors, the attacker would use another, slightly different, more complex attack and this just needs to go on long enough to cause a critical time sensitive event to pass. Remember, the attacks are coming from many thousands of PCs all over the world. Sure, only 200 PCs are needed, but those 200 would be singled out and blocked quickly, so another 200 and another and another are needed. That’s what botnets provide, millions of PCs to attack companies around the world.

Imagine that you are an off-shore sports betting internet company. A week before the largest betting event that your company gets, you receive a ransom request demanding $50,000 of your network will be taken off line for the next 10 days. Your company will spend $40,000 fighting an attack and will make over $2M off the bets (at least). What would you do? Would you pay or fight? If you pay, then the attackers know exactly how to get paid before every major event. If you don’t, you could be taken off line and not see any of that money from your customers.

The same attacks against the betting industry are effective against any internet-based business or information flows. If the network is relatively small, like Burma, then taking an entire country off-line is trivial.

Just to be clear, the JDPFu.com website could be taken off line by just a few attacking PCs. The website at the company where I work can be taken off line by 30 PCs attacking.

What can you do?

Secure your Desktop PCs, Secure Your Browser and Secure Your Network. For a home user, I’ve written about security many times. Please, do your part.