How to Survive a Zombie (Network) Attack
Zombie networks (or ‘botnets’) have grown increasingly popular among computer hackers since 2005. A simple virus or malware download can easily lead to slow and expensive internet problems, and you may remain oblivious while your ‘zombified’ PC spams the globe.
“Spammers, hackers and other internet criminals often use these zombie networks to get the computing power they need to commit their crimes, whether it’s the sending of spam or the sending of other malicious software. Most infected users will never even know,” says RSAWEB Helpdesk Consultant Bevan Stapelberg. “The implications of this vary from simple speed decreases when using your PC to being involved in a criminal investigation in extreme cases.”
Have you been infected?
The initial step for a hacker is to ensure, somehow, that their victim installs the malware. This can be done through simple channels such as e-mail, peer-to-peer networks or specific web sites.
“There are lots of ways malware can infect a user’s PC or network,” says Stapelberg. “Most common are innocent-looking files pretending to be something they are not, and when run they install the malware. Also common are pop-ups that appear when browsing the internet. These pop-ups often install the malware regardless of whether you click the ‘OK’, ‘Accept’, ‘Close’ or ‘Cancel’ options. In this day and age, verifying that the source of applications is trusted and being on your toes when confronted by suspicious email or webpages is key.”
The symptoms to look out for:
* Suddenly sluggish broadband connection,
* Anti-spam requests and warning emails from your ISP,
* An unresponsive mouse or keyboard,
* Excessive hard drive activity,
* Bounce notifications in your inbox from people you never tried to contact.
Keep in mind that your PC can still show these symptoms without being infected; the cause may simply be hardware failure due to damage.
Is there a cure?
As security protocols and anti-malware software improve, hackers are finding alternative ways to hack your computer for their Zombie Network. However, experts still agree that having antivirus software and a personal firewall in place, while ensuring your system updates are up to speed, can greatly reduce the risk of being hacked.
“Having a well-configured firewall is essential to protect your network against becoming part of a zombie network,” says Stapelberg. “This will allow you to monitor traffic coming in and out of your network. If your network is spamming people, you can check outbound traffic on port 25 or use an SMTP traffic analysis tool. In the case of large amounts of traffic on your internet connection you can check for odd behaviour like increased UDP traffic or traffic on random port numbers, keeping in mind that most legitimate traffic will be on port 80 or 443.”
Stapelberg advises that the best way to prevent an infection is to ensure that you have the right security measures in place. Alternatively, you can also talk to your Internet Service Provider, like RSAWEB, to remain updated with your network’s health status.
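The firewall checks described above (outbound port 25, an unusual share of UDP, traffic to many ports other than 80 and 443) can be run over outbound firewall logs. The script below is an added example, not code from RSAWEB or the article; the Linux netfilter LOG-style line format, the "FW-OUT:" prefix, the addresses and the thresholds are all assumptions made for the illustration.

```python
import re
from collections import defaultdict

FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")
EXPECTED_PORTS = {80, 443}  # from the article; extend (e.g. DNS) for your network
MAX_SMTP_PEERS, MAX_UDP_SHARE, MAX_ODD_PORTS = 3, 0.5, 5  # assumed thresholds; tune to your baseline

def make_line(src, dst, proto, dpt):
    # One constructed log line in Linux netfilter LOG style ("FW-OUT:" is an assumed prefix).
    return (f"Jan 12 10:00:00 gw kernel: FW-OUT: IN=eth1 OUT=eth0 SRC={src} "
            f"DST={dst} LEN=60 PROTO={proto} SPT=50000 DPT={dpt}")

# Constructed sample: a normal PC, a PC mailing many servers, a PC spraying UDP.
SAMPLE = (
    [make_line("192.168.1.10", "198.51.100.7", "TCP", p) for p in (443, 443, 80, 443)]
    + [make_line("192.168.1.10", "192.0.2.25", "TCP", 25)]
    + [make_line("192.168.1.23", f"203.0.113.{i}", "TCP", 25) for i in range(1, 9)]
    + [make_line("192.168.1.42", "198.51.100.99", "UDP", 20000 + 37 * i) for i in range(12)]
)

def analyse(lines):
    """Return {source_ip: [reasons]} for hosts whose outbound traffic looks odd."""
    stats = defaultdict(lambda: {"total": 0, "udp": 0, "smtp_peers": set(), "odd_ports": set()})
    for raw in lines:
        f = dict(FIELD.findall(raw))
        if len(f) < 4 or not f["DPT"].isdigit():
            continue  # skip malformed lines and protocols without ports (e.g. ICMP)
        s, port = stats[f["SRC"]], int(f["DPT"])
        s["total"] += 1
        s["udp"] += f["PROTO"] == "UDP"  # True counts as 1
        if f["PROTO"] == "TCP" and port == 25:
            s["smtp_peers"].add(f["DST"])  # a PC normally talks to one mail relay
        elif port not in EXPECTED_PORTS:
            s["odd_ports"].add(port)
    findings = {}
    for host, s in stats.items():
        checks = [
            (len(s["smtp_peers"]) > MAX_SMTP_PEERS, f"SMTP to {len(s['smtp_peers'])} different servers"),
            (s["udp"] / s["total"] > MAX_UDP_SHARE, f"{s['udp']}/{s['total']} packets are UDP"),
            (len(s["odd_ports"]) > MAX_ODD_PORTS, f"{len(s['odd_ports'])} distinct non-web ports"),
        ]
        reasons = [msg for hit, msg in checks if hit]
        if reasons:
            findings[host] = reasons
    return findings

if __name__ == "__main__":
    for host, reasons in analyse(SAMPLE).items():
        print(host, "->", "; ".join(reasons))
```

A flagged host is a candidate for a malware scan, not proof of infection: a mail server or a busy video-call client can trip the same thresholds.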