The Government of India recently launched an ambitious project called Cyber Swachhta Kendra (CSK) – a Botnet Cleaning and Malware Analysis Center. Developed under the Ministry of Electronics and Information Technology (MeitY), this center will be operated by the Indian Computer Emergency Response Team (CERT-In).
Developed as an essential part of the Digital India initiative to secure the cyber ecosystem of the country, CSK has been set up to analyze botnet infections, notify affected users, help them clean such infections, and prevent such incidents in the future. Botnets are explained in detail later in this article. The CSK website offers a number of security tools, one of which is a Botnet Removal Tool developed in collaboration with Quick Heal Technologies. The Kendra has also worked with renowned R&D organizations such as Center for Development of Advanced Computing (C-DAC) for making other relevant security tools available to its users. These tools are free to use and can be downloaded from here – https://goo.gl/R8wkTU
This article discusses botnet infections, what their damaging effects are, how they can be controlled, and how CSK is playing a crucial role in protecting India’s citizens from such threats.
First, let’s dispel a few misconceptions
Myth 1. The Government of India is providing free antivirus and because of this users do not require an antivirus
The Fact – What the Government is offering is a set of security tools, each of which serves a specific purpose. These tools are free, but they are not a replacement for antivirus software. For instance, one of these tools is called USB Pratirodh – software that helps desktop users control the usage of USB storage devices.
Myth 2. The Botnet Removal Tool by Quick Heal is a free antivirus software
The Fact – This tool only helps users remove botnet infections from their computer. It is not a replacement for antivirus software, as it does not give protection against malware, viruses, online threats, and attackers.
Myth 3. Quick Heal solutions are now free
The Fact – Quick Heal has only developed the Botnet Removal Tool in close collaboration with CSK, and this tool is available for all users without any cost.
The CSK launch is a highly commendable move by the Government of India and comes as a welcome relief to all our digitally enabled citizens who are vulnerable to cyberattacks – particularly now, when we are turning towards digital payments after demonetization. And to understand how helpful this move is, not only for common users but also for security researchers like us, we need to understand what a botnet is and how harmful it is.
What is a botnet infection?
A group of computers (bots) controlled by cybercriminals to spread malware and launch other malicious attacks on their targets is called a botnet. A botnet infection is when your computer becomes a part of this botnet. Individual bots can be weak; botnets, however, can be extremely damaging.
How can your computer be bot-infected?
Attackers can make your computer a part of their botnet by infecting it with something called a ‘bot code’. They can drop this code onto your computer by sending you emails containing malicious links or attachments, by posting fake social media posts, or by exploiting existing security vulnerabilities on your system.
How Botnets harm individual users and businesses
Because botnets are made up of several computers, they can be heavily misused by attackers against their victims. Some common uses of botnets include:
- Launching distributed denial-of-service (DDoS) attacks on government websites. Here, thousands of computers bombard a website at the same time, causing it to go down or become unreachable to its intended users.
- Sending spam emails to users in order to trick them into revealing confidential information such as personal or banking details.
- Stealing information from the infected PCs for use or resale (such as credit card or banking information).
- Distributing other malware like ransomware, keyloggers, spyware, etc., to a large number of users.
- Causing major financial or strategic loss to a targeted nation.
Wiping out Botnet Infections is a Mission
Botnet infections are increasing across the world. Earlier, the main motivation of botnet controllers could have been curiosity or joyriding. But now, it is purely monetary. In an infamous incident which occurred in October 2016, a botnet by the name Mirai was used to launch a DDoS attack on Dyn (an Internet infrastructure firm) by hammering its servers with a monstrous 1.2 Tbps of traffic. According to the firm, the traffic originated from tens of millions of IP addresses. Prior to this in the same month, the entire country of Liberia was knocked offline by the Mirai botnet. All such incidents only underline the fact that botnets are one of the biggest threats that we face today. Globally, countries are taking all necessary steps to take down botnets in collaboration with law enforcement agencies. According to spamhaus.org, India ranks 2nd among the 10 worst botnet infected countries. As of 28 February 2017, the number of bots detected in India is around 920530.
Cyber Swachhta Kendra (CSK) is a major move by the Indian Government to aid the global effort taken by other countries in the fight against botnets and we at Quick Heal find ourselves honored to join hands with CERT-In in protecting our citizens from such threats.
Activities of Cyber Swachhta Kendra (CSK)
- The Indian Computer Emergency Response Team (CERT-In) collaborates with various industries and academia to actively detect systems infected by bots. When an infection is detected, it informs Internet service providers to monitor bot traffic and track the infected users.
- This is followed by CERT-In notifying the tracked users that their systems are infected and are now a part of a botnet.
- The users are then instructed to download the Botnet Removal Tool from the Cyber Swachhta Kendra website.
- Once installed, the tool runs a scan on the infected computer and cleans the infection.
- CERT-In also informs Quick Heal of new botnet infections it detects and shares samples with our lab.
- Furthermore, CERT-In will work with banks to detect infections in their banking network and work on steps to mitigate damage.
Presently, Cyber Swachhta Kendra is working with 13 banks and Internet service providers in the country.
By keeping a constant watch on botnet traffic and incidents, and alerting those who are affected, this threat can be tamed. Constant vigilance is the key.
Quick Heal Labs is keeping a close watch on how many times the Bot Removal Tool is being downloaded and the number of bots cleaned by the tool.
Points worth remembering
- The Quick Heal Bot Removal Tool only secures your computer against bots. It is not antivirus software and does not provide any protection against other malware, viruses, online threats, and attackers. It is highly recommended to invest in an antivirus solution that comes with multiple layers of security that can defend your computer against multiple attacks, including those launched using botnets. This will not only secure you individually but will also help CSK’s initiative to protect the entire nation.
- All licensed Quick Heal users are automatically protected from botnet infections and they do not need to download the Bot Removal Tool.
After mankind stepped on the moon, the giant step that followed was probably the invention of the Internet – one thread that connects 7.4 billion people on the face of the earth. And as technology grew, it drew towards it the power of the World Wide Web – connectivity. And here we are today at the pinnacle of the most amazing civilization that could have ever been. But, where technology flourishes, threats come along. The timeline of computer viruses and worms can be traced back to 1949, and slowly but gradually, those threats have grown into monsters like botnets, ransomware, advanced persistent threats, and so on. In our present situation, where we can make the most of technology and the Internet, we face a constant (sometimes hidden) threat from those whose only aim is to create chaos for the sake of money, if not anything else. And the sooner we understand that all of us are a potential target for attackers, the safer we can make ourselves when we come face to face with our digital foes.