FYI.

This story is over 5 years old.

Tech

Botnets Can Be Good, Despite What the FBI Says

The director of the FBI seems to ignore the existence of good botnets.
Image: DonkeyHotey/Flickr

FBI Director James Comey isn't exactly a tech expert, as his often confusing demands on encryption have shown. He also doesn't apparently know much about computer security and hacking.

At a Senate Judiciary Committee on Wednesday, Sen. Sheldon Whitehouse (D-RI) asked Comey about botnets, which are a large number of internet connected computers linked to each other to perform the same activities, and one of the most commonly used tools for cybercriminals—a botnet can power a Distributed Denial of Service (DDoS) attack, for example.

Advertisement

"I don't know of a good botnet because botnets are armies of zombies," Comey responded. "Whether they're coming at you or whether they're standing still, it's bad. I don't know of a good purpose for an army of zombies."

"I don't know of a good botnet because botnets are armies of zombies."

Whitehouse, who has introduced a (likely misguided) new amendment to go after botnets, had previously said that a botnet is like "a weed," as "there is no such thing as a good botnet. They're either actively doing evil things or they are a latent mechanism for doing evil things later on."

This bizarre exchange wasn't even the worst one of the day. Republican Senator (and presidential candidate) Lindsey Graham earlier asked Comey whether a gun bought online gets delivered to his doorstep or not (Comey wasn't sure). But Comey's remarks do show once again that he doesn't know a lot of things about tech.

In fact, there are several example of "good" botnets, or at least botnets used by who Comey would probably call "the good guys."

For example, a secret British spy agency unit known as Joint Threat Research Intelligence Group, or JTRIG, used a botnet to attack Anonymous with DDoS attack designed to take down their chat rooms, according to leaked Snowden documents.

And it's not just the UK. France is suspected of doing the same with malware known as NBOT, designed to create a botnet from infected computers and launch DDoS attacks. Marion Marschalek, a security researcher who analyzed it, said it was "really only designed to perform DDoS attacks" and its creators are the same ones who made the Bunny and Babar malware, which the French government is suspected of developing.

There are other examples of what could be called "good" botnets.

Also, the FBI itself had to infiltrate the infamous GameOver Zeus botnet—by replacing it with its own botnet—to take it down and arrest its operators.

There are other examples of what could be called "good" botnets. Participants in the SETI@HOME project, a crowdsourced science project to search for alien life, basically willingly volunteer their computers to be part of an alien-hunting botnet. SETI@HOME is built using the BOINC software, which allows volunteers to donate their computers' idle time and resources to science projects, creating, essentially, a voluntary botnet.

So no, Director Comey, botnets are not just evil armies of zombies.