Government Technology

Personal Computing: Zombies an Increasing Concern



May 8, 2009 By

Computer zombies are out to get you. That may sound like a tagline from a bad B movie, but there's truth behind it. A "zombie" in the computer lexicon is a computer that has been taken over by a piece of malicious software planted by a hacker typically for the purpose of secretly sending out unauthorized mass e-mail, or spam. That computer could be yours, and you could be totally in the dark about it.

According to a just-released study by computer security software company McAfee, cyber-criminals are having increasing success in commandeering the computers of others through the Internet in this way. McAfee has a vested interest in sounding the alarm. By doing so, it stands to sell more software. But it's a company that has been around since 1987 and has a good reputation.

In the U.S., fully 18 percent of personal computers have become zombies, which is nearly a 50 percent increase from the previous quarter, according to McAfee Threats Reports: First Quarter 2009.

If your computer is turned into a zombie, it becomes part of a "botnet," or robot network. This also sounds like science fiction, but it's frighteningly real. Botnets can consist of thousands of commandeered computers all working behind the scenes to carry out the objectives of the person or persons behind them.

One botnet facilitator, a Web hosting company in San Jose, Calif., was taken down in November 2008, but only after reportedly being responsible for billions of spam e-mails a day.

Botnets aren't all set up for nefarious purposes, but those consisting of zombies are. Along with spam, zombie computers may be used for other purposes as well.

Zombies can launch "distributed denial-of-service" attacks, where a large number of computers are directed to access a single Web site simultaneously, overloading it and preventing legitimate users from accessing it, or "distributed degradation-of-service" attacks, which are a less intense but more frequent flooding of a Web site designed to slow it down and compromise its usability.

Another purpose carried out by zombies is connecting en masse to Web sites that carry pay-per-click advertising. Here the false connections don't bring or slow the site down but instead artificially boost "click-throughs" on its ads, thereby committing "click fraud."

Spam remains, however, the most common reason that zombie networks are set up. Among the most common items advertised by spam, according to the McAfee report, are counterfeit prescription drugs, bogus male enhancement products and counterfeit watches. The connection is clear.

Another big part of the spam problem are "phishing" attempts that try to trick you into revealing credit card, banking, Social Security or other personal information so the criminal or criminals behind them can steal your identity.

Welcome to the computer age.

Though criminal activity involving computers may be increasing, it has been around from before the time that the personal computer revolution began in the late 1970s and early 1980s. There's no cause for panic. There is cause for prudence.

To protect yourself, most importantly, use a firewall program designed to block incoming and outgoing traffic. The firewall software that comes with Microsoft Windows and the Mac OS provide basic protection, but as with most such bundled utilities, you can do better with a third-party program.

McAfee and Symantec provide robust firewalls, sold separately or packaged in their security suites. ZoneAlarm, available in free and pay versions, is another well regarded firewall. Whatever you use, make sure you keep it up to date.


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Cybersecurity in an "All-IP World" Are You Prepared?
In a recent survey conducted by Public CIO, over 125 respondents shared how they protect their environments from cyber threats and the challenges they see in an all-IP world. Read how your cybersecurity strategies and attitudes compare with your peers.
Maintain Your IT Budget with Consistent Compliance Practices
Between the demands of meeting federal IT compliance mandates, increasing cybersecurity threats, and ever-shrinking budgets, it’s not uncommon for routine maintenance tasks to slip among state and local government IT departments. If it’s been months, or even only days, since you have maintained your systems, your agency may not be prepared for a compliance audit—and that could have severe financial consequences. Regardless of your mission, consistent systems keep your data secure, your age
Best Practice Guide for Cloud and As-A-Service Procurements
While technology service options for government continue to evolve, procurement processes and policies have remained firmly rooted in practices that are no longer effective. This guide, built upon the collaborative work of state and local government and industry executives, outlines and explains the changes needed for more flexible and agile procurement processes.
View All

Featured Papers