Other bot attacks may focus on expanding the attacker’s kingdom. For example, an attacker might want to infect more devices so they can use them in future attacks or rent them to other attackers to make money. Bots are also often used to generate and spread spam, phishing attacks, malware, and other malicious code and content, which are all intended to infect more devices.
A third type of bot attack focuses on using the bot to perform a larger incursion as part of a vast army of bots known as a botnet. Attackers use botnets to perform coordinated, large-scale distributed denial of service attacks. DDoS attacks can make websites, networks and other computing services unavailable for extended periods.
Another example is credential stuffing. Through bot infections, phishing attacks and other means, an attacker may collect usernames and passwords for internal university systems. In a credential stuffing attack, one or more bots automatically log in to as many internal resources as they can using all the collected login credentials.
EXPLORE: How to avoid security breaches within the IT department.
Reducing Infection Requires Proactive Security Controls
Any type of computing device can potentially be “botted.” Bots can reach and infect devices through all the typical methods attackers use: exploiting unpatched vulnerabilities and software misconfigurations, tricking users through social engineering, and doing drive-by downloads. Infections can’t be completely prevented, but there are some best practices for reducing infections in common device types.
Whether dealing with physical or virtual servers, desktops or laptop computers, follow all conventional cyber hygiene practices, such as keeping the operating system and applications fully updated, running up-to-date anti-virus software and configuring all software with security in mind. For internal university systems, such as those for finance, keep networks separate and tightly restrict incoming network connections.