Pandora’s Bot: How Cyber Weapons Can Wreak Havoc

Bottom Line: U.S. cyber defenders know how to take down botnets – networks of computers that have been hacked to act as one – but not how to keep them from coming back, nor necessarily how to determine who is behind them and hold them accountable. These networks under the remote control of hacktivist, criminal or state-sponsored hackers are able to wreak havoc on modern society by enabling theft, espionage, information warfare and disruption at an unprecedented scale.

Background: Botnets spread by scanning networks for computers running software with known vulnerabilities or easily guessable default passwords that can be automatically exploited, or by spamming inboxes with automated social engineering emails to trick protected users into compromising their own security. Once built, botnets are able to siphon off personal, financial or even confidential information, amplify disinformation on social media sites, and disrupt critical services by flooding third party servers with artificial traffic until they get knocked offline.