Monday, November 16, 2015

Cyberthreats: Botnets and Zombie Armies

by M. J. Joachim

Botnets, aka zombie armies, hijack Internet transmissions without the owner’s knowledge. They are malicious software intended to control PCs and devices, enabling them to send spam, scan computer environments, insert worms, Trojan horses, malware, spyware and more, all from a remote location, without the computer owner’s knowledge or approval. According to Imperva Incapsula, “Occasionally referred to as a ‘zombie army,’ a botnet is a group of hijacked Internet-connected devices, each injected with malware used to control it from a remote location without the knowledge of the device’s rightful owner. From the point of view of hackers, these botnet devices are computing resources that can be used for any type of malicious purposes—most commonly for spam or DDoS attacks.”

Spam is unwanted and intrusive advertising. DDoS is a Distributed Denial of Service attack, which is capable of paralyzing computers, making a machine or network unavailable for its intended users. This can include site redirects, where hackers forward or send your site to a different location than its intended target. It can also extend to identity theft, because if someone else is controlling your computer, they have access to your personal files and information.

Infections from botnets happen when unsuspecting owners click on unsafe links containing malware, which then inserts the worm or Trojan, releasing the zombies to overtake their intended target. Files with malicious links, attachments in emails and/or clicking on unsafe sites are all ways people can infect their computers with botnets. Botnets multiply like bunnies - once they are activated, they set to work multiplying and infecting everything in their vicinity, which on the web can be quite a large and expansive territory. According to Norton by Symantec, “Some botnets might have a few hundred or a couple thousand computers, but others have tens and even hundreds of thousands of zombies at their disposal. Many of these computers are infected without their owners’ knowledge.”

Signs of Botnet Invasion

1. Your computer is slow and unresponsive. It takes forever to access the Internet, sign into regularly used sites, browse for purchases or to do research, shut down or turn on your computer.

2. You have unexpected or recurring computer crashes. Your computer shuts down unexpectedly, blinks or burps suddenly and often, glitches as if performing another task when you haven’t done anything to it.

3. You receive more error messages and/or are blocked from security websites, or you get strange messages you’ve never seen before. Pop-ups might also become more prevalent.

4. Your hard drive and storage have less space, even when you know you didn’t add anything to them, or change them in any way.

5. Your firewall and antivirus don’t work effectively, meaning you start getting a lot of pop-up ads and other intrusions you never got before, indicating your computer might be compromised.

Preventing Botnet Invasions

  • First and foremost, protect your computer! Install excellent security antivirus and malware protection, and keep it up to date. 

  • Check your browser and make sure you have maximized its security.

  • Protect yourself by limiting user access to your work. Yes, this means monitoring comments and not clicking on links, even when you think they are safe. Cyber criminals want you to think they won’t harm you, and they work very hard to gain your trust, so they can infect you with their botnets. 

  • Delete all communication that even remotely seems suspicious. Follow your gut on this one. But also clean out your email and all old documents, downloads, photos, anything with a link or message that might be suspicious in the least. Check your blog for spam comments or comments with links in them too, and delete these if you suspect they might be infected. Then run a scan with your antivirus software, to make sure there are no problems with your security.

  • Scan your computer regularly, and stay abreast of any unexpected changes related to storage use, downloads and any suspicious behavior that might indicate there’s been a breach in security.

  • Protect all your devices in unison, since most of them are connected to each other these days. Where one is unprotected, all are at risk, so be diligent and protect all your devices simultaneously.

Check to see if you are infected with botnets. Kaspersky offers this free IP check, so you can determine if you’ve been infected. According to Stop, Think, Connect (.org), “What you do online has the potential to affect everyone – at home, at work and around the world. Practicing good online habits benefits the global digital community.” Be diligent and stay safe, because cyber criminals are out there, and they like easy and unsuspecting targets. It’s up to us to make their lives difficult, so they don’t wreak havoc in ours.

We’re all in this together, so we might as well do our part to be as safe and secure as possible. Thanks so much for stopping by and visiting today.

M. J. 

©2015 All Rights Reserved Photo credit: CCO Public Domain