It’s Halloween time and I run into the same problem every year: I can’t predict how much candy to buy! Either I run out before the street lights turn on, or I have a bucket-full left over (which I then proceed to consume over the next week).
Halloween reminds us that there are evil spirits that need warding off by Frozen Princesses and Captain America. The tradition is based on supernatural superstitions, but real threats are at our doorstep every day!
In 2009, I was called on by ABC News to discuss a Virus that brought down the Houston, TX court system. Known as Conficker (a.k.a. Virut, Downup, Kido), this virus infected over 10 million devices, creating a botnet of Zombie Computers.
“A Zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse and can be used to perform malicious tasks of one sort or another under remote direction. Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-service attacks.”
Zombie Computers account for up to 80% of SPAM email. Hackers use Zombie Botnets because they increase the attacker’s anonymity, use the zombie’s bandwidth and help spread Trojans (which can be used for phishing, click fraud and other social engineering scams). SPAM emails rely on user gullibility, but there’s plenty of that to go around.
How are computers compromised? In order to infect a computer, the attacker must install a program on the victim’s device, which is done through e-mail, P2P networks or executables from seemingly “normal” websites.
Zombie programs lie dormant (like the undead tend to do) until the hacker initiates a command. This makes it difficult to know if your computer contains the virus! But it’s important to know that any device, whether mobile or desktop, can be infected and contamination is the direct result of not following proper security protocols.
Zombie Boot Camp:
1) Install a reputable desktop AntiVirus program and keep the signatures updated as much as possible (be vigilant)!
2) Scan your own devices for Spyware/Malware using any number of DIY products.
3) Make sure you deploy a firewall, SPAM filter, Content (Web) filter and Intrusion Prevention System (deep-packet) at the gateway that scans for zero-day threats.
4) Follow network security best practices: No foreign thumb drives, changing and creating complex passwords, not clicking on unknown programs and email attachments, etc.