What is a BotNet?

A BotNet consists of a large collection of infected systems that can be remotely operated by a single threat actor in order to execute large-scale malicious purposes. Botnets can be used to send spam email, launch denial-of-service attacks, or more. Although the owner of the affected device is unaware, a threat actor can make use of the system to do their bidding in future attacks. An infected device is often called a “zombie” and the greater total collection of zombie computers constitute a botnet. A botnet can be made up of hundreds or thousands of infected computer systems.

How to Recognize This Threat: A computer or device that is part of a botnet will run especially slow while the user is active, and will also continue activity when the user is not present. The method of infection is typically downloaded malware, often from a suspicious email attachment.

How to Prevent This Threat: To prevent devices on your network from becoming infected as well as decrease the likelihood of a potential botnet attack, protect your organization with a firewall along with a security services subscription. Get a Sophos or SonicWall firewall Free with a 3-year subscription!