Yesterday, we announced we were taking our Constant Guard Bot Detection and Notification service nationally. As the nation's largest ISP, we have a responsibility to protect our customers from online threats, and this is yet another step we've taken in this direction. Bots are a fairly new phenomenon, and as the Messaging Anti-Abuse Working Group (MAAWG) pointed out earlier this year a healthy majority of consumers don't understand what a bot is. A good article to read is Elinor Mills' post at CNET.
One of the first things we're trying to do is educate our customers about bots and what they can do about them. Our bot detection and notification service is an effective network-based solution, which means there is no software for our customers to download, and absolutely no searching into individual's computers. So our customers can have peace of mind knowing that Comcast takes their security and privacy very seriously, and is working to protect them without customers having to take additional steps to benefit from this offering.
So what are we doing and how does this work? Let me take a step back and explain. A bot is a malicious form of software that is remotely controlled like a "robot" by someone with a criminal intent. Many bots are commanded to send spam or host phishing websites (which are "fake" websites intended to trick people into entering credit cards or social security numbers). Other bots track every keystroke typed on a keyboard. A cyber criminal can comb through that data to find usernames and passwords that lead to identity theft and financial fraud.
To set up a bot, a cyber criminal establishes what is known as a "command and control center" (CNC). This is essentially the bot's brain, which is sent instructions by the person who set it up. The command and control center sits out in the Internet somewhere at a specific IP (Internet Protocol) address. Many of these IP addresses can be identified and flagged by security professionals, Internet engineers and others. Since we know that any communication with the known CNC is from a bot, when contact is made our system sends a notification to the Customer IP address that made contact with it.
Many customers have multiple devices connected to their modems - desktop PCs, wireless laptops, gaming consoles, smart phones, iPads and more - so any one of them could be the one that is receiving commands from the bot.
Cyber criminals are getting more and more sophisticated and we encourage our customers and all consumers to remain vigilant. Be careful what you download to your computers and devices, use up-to-date anti-virus software and take the time to talk with your kids or grandkids or friends about how to remain safe online. For more information, visit www.comcast.net/security.