E-Mail accounts are one of our most important communication tools: we use them to register for online portals, for private and business exchanges, and as an organiser and digital address book. It is therefore all the more important to make sure your account is well-protected. But what if your e-mail account does get hacked? Our guide explains what methods internet criminals use to gain access to...
Roughly half of all internet traffic today consists of bots that are used to simulate human communication in social networks, search for content online for companies, perform search engine optimisation, automate customer service and carry out criminal activities such as data theft, scams, and DDoS attacks.
Bots are digital tools and, like any tool, can be used for good or for bad. In order to understand how bots can support companies by automating simple, repetitive tasks or in what ways your own cybersecurity needs to be beefed up, you need to be familiar with bots and what they can do.
What is a bot?
The term ‘bot’ comes from the English word ‘robot’. Similar to mechanical robots, internet bots are programmed to perform specific repetitive tasks. To do so, they execute clearly defined commands through algorithms and scripts which they can do faster than any human could. Bots are thus computer programs that operate autonomously and automatically and do not depend on human input or supervision to perform their functions.
The first internet bot was the World Wide Web Wanderer. First deployed in 1993, it measured the growth of the internet and stored data in the Wandex index. Nowadays, the range of applications for bots is much more diverse. They can be used as chatbots for customer service, social bots in social networks, web crawlers to analyze websites or even as botnets for spam and phishing attacks.
How does a bot work?
The easiest way to explain how bots work is to compare them with physical robots. Unlike physical robots, they do not consist of physical machine parts, such as screws, screw threads, plastic, and wires. They are instead made up of code. The code contains the required commands and instructions for telling the bot how to communicate actively with or in response to human users, systems or other bots.
Designing bots can be very simple. However, modern bots also use complex code and artificial intelligence which can sometimes make them hard to distinguish from human users in a social network. Nowadays, even your average Joe can program a bot. There are numerous tools and interfaces available online that enable users to program both simple and complex bots. For example, Twitter allows you to create your own chatbots for tweets, retweets, and likes.
Below, you will find a snippet of code from a chatbot. In this example, the bot uses the XML-based description mark-up language AIML, which is frequently used for chatbots.
<aiml> <category> <pattern>What is your name?</pattern> <template>My name is Chatbot.</template> </category> <category> <pattern>What are you?</pattern> <template> <srai>Who are you?</srai> </template> </category> </aiml>
Bots can perform various simple or complex tasks depending on the algorithms defined in the code. Communication usually occurs via internet-based platforms and services, such as instant messaging (IM) or Internet Relay Chat (IRC).
What functions can a bot perform?
The functions and tasks a bot can perform are as diverse as the range of applications on the internet. The most common functions of a bot include:
- Supporting communication services on instant messaging platforms (e.g. Facebook, Twitter, and WhatsApp);
- Autonomous data scraping (i.e. data collecting) and data crawling in which the information on a website is searched through, analysed, and indexed using keywords, pattern matching, and hashtags;
- Simulating and automating predefined communication using specific keywords, algorithms and hashtags (e.g. in chats, on websites, and in customer service);
- Using the interfaces of other applications and bots to perform additional functions (e.g. collecting and presenting data from weather or traffic apps);
- Offering and performing automated services, such as translating, personalised advertising, and placing orders;
- Performing game functions (e.g. chess); and
- Building botnets to create computer networks for the purposes of data theft, scams, and DDoS attacks.
What does the structure of a bot consist of?
A bot consists of three basic components:
- Application logic or workflow logic: This is the executable, machine-readable code written by the programmer to define the bot’s functions and tasks.
- Database: This contains essential data and information that the program can access to perform its function. The database can be actively extended, as is the case with search engine bots (i.e. web crawlers).
- API (application programming interface): These programming interfaces enable programmers to access the functions of other applications without having to write them themselves. Using specific code interfaces, APIs can integrate foreign software commands into the bot’s code to extend the bot’s functions. For example, a chatbot can integrate the function of a road traffic app into its code to provide traffic information to its users via the interface.
Rule-based bots and self-learning bots
Simple bots use the concept of rule-based ‘if-then-else’ programming to execute clear, predefined commands and tasks. Modern bots are now able to further evolve using artificial intelligence to extend their own databases and learn new functions and terms. Bots can thus be categorised into rule-based bots and self-learning bots.
Rule-based bots and self-learning bots can be further categorised into five groups based on their primary functions:
- Entertainments bots
- Commercial bots
- Service bots
- Message bots
- Malware bots
What are the different types of good bots?
Bots can be used for a wide range of applications on the internet and are all similar in that they can be used for both legal and illegal purposes.
Commonly used good bots include:
- Social bots: This is a collective term for all bots that operate on social media and perform automated tasks related to online support, FAQs, direct messaging, commenting on posts as well as likes, shares, retweets and follows.
- Web crawlers: This type of bot collects and analyses data and information from websites to extend the functions of search engines and comparison portals, register and index new web content, create links and optimise search requests.
- Chat bots: These imitate human chat users and simulate natural communication. For example, they can be used as recognisable bots in customer service to accept customer service requests and process FAQ requests or as covert bots to simulate real users.
- Gaming bots: These are bots that appear in video games as fake players (i.e. non-player characters).
- Shopping bots: These bots are used to compare online prices and search for the cheapest offers or to select the most popular shopping websites for users.
- Monitoring bots: These are used to monitor the status of a website or system.
To define which directories web crawlers (i.e. search engine bots) are allowed access to on your website, use the robots exclusion standard protocol, better known as robots.txt. In this file, crawlers will find specifications on what website data is available for indexing and analysing. Using the robots.txt file, you can thus influence the appearance of your website in search results.
What are the different types of malware bots and how do they work?
While bots have many positive functions and numerous services, such as search engines, instant messaging, and comparison portals, would be impossible without them, they generally have a bad reputation due to malware and hacker attacks. This is because many bots are developed specifically for the purpose of performing illegal and harmful activities.
The following are some types of malware or malicious bots:
- Propaganda or manipulative bots: These are social bots that simulate user profiles, shape digital opinions, and spread political messages, fake news, and conspiracy theories. They can also react to comments and posts based on keywords.
- Scam/phishing bots: These bots commit data theft through pseudo-links, fake emails and fake websites.
- Keylogging bots: These bots are used to log message traffic or to record, store, and forward all activity on a computer.
- File-sharing bots: These bots respond to targeted search requests and offer users a link to the desired search term. When the user clicks on the link, the bot can infect the computer.
- Spam bots: These bots send large amounts of spam emails and use the address books and contacts of unsuspecting users to expand the reach of their spam in a targeted manner.
- Zombie bots: Zombie bots are computers that have been infected by malware or that have been integrated into a botnet to provide computing power for large-scale botnet attacks. It is often difficult to identify compromised computers that are part of a botnet.
- Botnets: A botnet is a collection of infected computers that are connected together in a network and employed by malware bot users for DDoS attacks.
What types of attacks can botnets perform?
Malware bots are used for a variety of illegal activities. These include:
- Carrying out data and identity theft by scraping, phishing and keyloggingsensitive information, such as passwords, banking information, and addresses;
- Performing distributed denial-of-service attacks(DDoS) which can paralyze servers by overloading them with massive amounts of data traffic;
- Using backdoors in computer security systems to infect those systems; and
- Retransmitting spam to redirect data packets.
The following are the five most common large-scale bot attacks:
- DDoS attacks: These are used to target and overload servers (see above).
- Spamming and traffic monitoring: This is used for overloading mail servers or carrying out large-scale data theft.
- Denial of inventory attacks: These attacks target online shops to list their products as ‘not available’.
- Scraping attacks: These are used to steal and sell data.
- Credential stuffing attacks: These attacks use stolen account information to carry out automated, large-scale login attempts.
Anyone doing online marketing should consider simplifying and automating their task management with good bots. Bot management should also be an essential part of your company’s cybersecurity. It will help you detect malware bots more easily and better protect your website or online shop from them. You can also grant access to bots that are known to be harmless.