Think Before You Click

Article by Ron Frechette

October is National Cyber Security Awareness Month (NCSAM) in the US and continues to grow throughout many countries around the world.  It was created as a joint effort between government and industry to increase cyber security awareness for Americans to ensure we are continually learning to stay safe and more secure on line in our private and professional lives.

This is also the time of year we celebrate Halloween.  So, for this month, we decided to combine the theme of NCSAM and Halloween in an effort to spook you into the mindset of “Think Before You Click”!

Halloween brings the threat of witches, vampires, werewolves, and zombies looming around every corner, ready to cast a spell or take a bite out of us and turn us into one of them.  As children growing up, many of us have a scary Halloween memory or two we still remember.  Back then we believed in the existence of these old folklore creatures.  As we grew older, we began to realize there are no zombies hiding in our bedroom closets that were going to get us… and the horror of Halloween began to wear off over time.

What if I told you that zombies really do exist? At least they do in cyberspace.  In the cybersecurity world, we call these monsters, “Computer Zombies”! Based on a significant increase in data breaches and compromises we are seeing this year, we could very well be experiencing a Computer Zombie Apocalypse!  In fact, the odds are extremely high that some of you have already become victims of these horrific acts.  If so, your computers may be causing great harm to others and you have absolutely no idea what and when this is happening.  Talk about spooky! That alone should be enough to make the hair on the back of your neck stand up!

What is a Zombie Computer?

A zombie computer is a computer connected to the internet that has been compromised by a hacker or computer virus that can be used for malicious purposes under the direction of a cybercriminal from a remote location. Most owners of zombie computers have no idea their system is being used in this manner.  Because the owner is unaware, these computers are symbolically compared to fictional zombies.

A key sign that your computer is under a zombie spell is when it suddenly begins working extremely slow for no reason whatsoever.”

This is probably because it is busy attacking other computers as part of a botnet.

What is a Botnet?

Botnet is an army of literally tens of thousands of internet connected devices that are controlled by a group of cyber criminals. Botnets can be used to perform distributed denial-of-service attacks (DDoS attack), steal data, send spam, and allow attackers access to the device and its connection.  The word “botnet” was created from the words “robot” and “network.”  Botnets have been in existence since 2004.  The Marina Botnet is one of the largest discovered which had an estimated 6,215,000 bots.  Imagine an internet army of over six million enemy soldiers that can attack at once. And then imagine that your personal computer is participating in the attack without your knowledge of it ever happening.

Botnets are Big Business on the Dark Web

Creating zombie computers for botnets is an extremely lucrative business in the cybercriminal world.  The group that controls the botnets will pay another group for every computer they infect with malware that allows them to control our PCs remotely for malicious purposes.  They will link it in spam e-mails, post malicious links to forums, setup malicious websites, and anything else they can think of to get you to click the installer so they can get paid for another install.

Updating anti-virus software is not very effective in protecting us from this type of attack. It is because most of the general public is not highly educated in cybersecurity best practices and cybercriminals are very good at tricking us into loading malicious software.  Often, they masquerade themselves as legitimate anti-virus software when, in reality, we are loading malicious software that enables malware developers the ability to install things like rootkits and botnet enabling software. Thus, adding another zombie soldier to their botnet.

How Can We Avoid the Zombie Apocalypse?
  • NEVER click a link you are not familiar with or provide personal information to anyone when chatting online – Even when talking on social media sites like Facebook, if your friend starts asking off the wall questions, make direct contact through phone or text to make sure it is really them.
  • Consider Using a Second Scanner – Many anti-virus programs don’t detect bot net-related software. Consider installing a second opinion scanner such as Malwarebytes to see if your primary anti-virus software did not miss anything.
  • Constantly Strive to Educate Yourself about Cybersecurity Best Practices – many people still don’t understand that the threat of becoming wrapped up in malicious activities in cyberspace is very real and can have horrific consequences. Knowledge is power!! Get smart about cyber!

In closing, Think Before You Click!

Wishing you all happy National Cyber Security Awareness month and a safe and fun Halloween!

Questions? Send me a tweet: @GoldSkyRon or email ron.frechette@goldskysecurity.com

GoldSky Security offers small and medium sizes business cybersecurity solutions across the US and currently has offices in Orlando, Florida and in Denver, Colorado.

Sources:

https://www.lifewire.com/what-are-malicious-bots-2487156

https://en.wikipedia.org/wiki/Botnet

https://en.wikipedia.org/wiki/Zombie_(computer_science)