How Your Computer Could be Part of the Zombie Horde


It’s common to think about what our computers can do for us. Some people feel a prickle of unease when their computer starts to act sluggish and begin to think about how long they’ve had it and how old it really is. More often than not, though, people are quite loyal to their computers, tolerating slowdowns and the odd crash because they believe the machine mostly works.

However, in this world of increasing cyber threats, an important question needs to be considered: What if your computer doesn’t just work for you? 

It’s entirely possible your computer has already been tricked into working two jobs: one as your servant and one as the zombie slave of another, anonymous person with malicious intentions. Your overburdened computer may have been drafted by hackers to carry out cyber attacks on others without your knowledge.

We’ve heard the same old story of cybersecurity: Be wary of clicking on links in emails or links on social media. Phishing is always on the rise and hackers have become increasingly sophisticated in tricking people into downloading malware, including managing to impersonate the emails of company CEOs, all to gain access and take control of your PC.

Malicious bot software and botnets are top-of-the-line in this evolution. 

What are botnets and what can they do? 

Malware on your computer is always alarming, and an increasingly common example is malicious bot software being installed on your device. This type of bot software essentially turns your computer. Not only can it steal your passwords or log your keystrokes, but it can also steal a portion of your outbound connection and utilise it for DDoS attacks on websites and services. DDoS stands for Distributed Denial of Service. This type of DNS attack has notably been used against many companies, including Amazon, which defended itself against the largest DDoS attack ever recorded.

Hackers commonly infect thousands upon thousands of computers, each computer becoming a bot and, thus, creating a botnet. The infected computer could be anyone’s, from a doctor’s to a retail worker’s to a CEO’s.

The way it works is that the malicious bot software makes your computer and thousands of other zombie computers start emanating traffic. They amplify the traffic coming from each of these computers to high levels and then reflect it at the target server to wreak havoc, all while spoofing source IPs so the target has great difficulty homing in on where the traffic is specifically coming from.

Generally, on the internet, when you try to connect to a server like Amazon via your computer, the following happens behind the scenes. Your computer sends a SYN (synchronised) packet, making the request. The server sends a SYN-ACK to acknowledge the request. Your computer is supposed to reply with an ACK. A connection is then established, and you can order products, sell things or write up product descriptions.

This is called a TCP (Transmission Control Protocol) connection; protocols are the rules that machines and the internet follow as they interact. It’s normally very logical and orderly.

However, like with many systems, malicious actors such as hackers can inject chaos. 

Meeting up with and hosting people requires effort, even for a server, especially when too many visitors show up at once. Hackers take advantage of this by creating a SYN flood. This is where the malicious actor uses these thousands of bot-infected computers in their employ, without their owners’ knowledge, to barrage websites with SYN packets that only half-connect, all at the same time, over and over again. This clogs up the server, overwhelming it with illegitimate traffic to the point it can’t even deal with legitimate requests from real users, creating a denial of service, a DDoS attack.
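On the server, the half-connected requests described above show up as connections stuck in the SYN-RECV state. The following Python is an added example, not part of the original article: it tallies connection states per listening port from `ss -tan`-style output and flags ports where half-open connections pile up. The sample lines, function names and thresholds are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample in the column layout of `ss -tan` (addresses are
# documentation ranges, not real hosts).
SAMPLE_SS_OUTPUT = """\
State    Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN   0      128    0.0.0.0:443        0.0.0.0:*
ESTAB    0      0      192.0.2.10:443     198.51.100.7:51514
ESTAB    0      0      192.0.2.10:443     198.51.100.8:40022
SYN-RECV 0      0      192.0.2.10:443     203.0.113.5:1025
SYN-RECV 0      0      192.0.2.10:443     203.0.113.77:4410
SYN-RECV 0      0      192.0.2.10:443     203.0.113.140:2201
SYN-RECV 0      0      192.0.2.10:443     203.0.113.9:60111
SYN-RECV 0      0      192.0.2.10:443     203.0.113.201:3377
SYN-RECV 0      0      192.0.2.10:443     203.0.113.64:18090
ESTAB    0      0      192.0.2.10:22      198.51.100.9:50000
SYN-RECV 0      0      192.0.2.10:22      198.51.100.9:50002
"""

def parse_states(ss_text):
    """Return {local_port: Counter(state -> count)} from ss -tan style text."""
    per_port = {}
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "State":
            continue  # skip blank lines and the header row
        state, local = fields[0], fields[3]
        port = local.rsplit(":", 1)[-1]  # also works for [::1]:443
        if port.isdigit():
            per_port.setdefault(int(port), Counter())[state] += 1
    return per_port

def flag_syn_floods(per_port, min_half_open=5, min_ratio=2.0):
    """Flag ports with many half-open connections relative to established ones.

    Peer addresses are ignored on purpose: the article notes they are spoofed,
    so counting per listening port is more reliable than counting per source.
    Both thresholds are illustrative assumptions, not recommended values.
    """
    alerts = []
    for port, states in sorted(per_port.items()):
        half_open, established = states["SYN-RECV"], states["ESTAB"]
        if half_open >= min_half_open and half_open / max(established, 1) >= min_ratio:
            alerts.append((port, half_open, established))
    return alerts

if __name__ == "__main__":
    for port, half_open, established in flag_syn_floods(parse_states(SAMPLE_SS_OUTPUT)):
        print(f"port {port}: {half_open} half-open vs {established} established")
```
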

How can you determine if your computer has been turned into a bot?   

There can be a number of signs, often taken for granted, which indicate that your computer is infected by the malware. The signs can frequently include: 

  • Inexplicable computer crashes. 
  • Slow internet access and programs. 
  • Issues with your computer shutting down. 
  • Intrusive pop-ups on your desktop. 
  • Your contacts have received emails from you that you didn’t send.  
  • Your Task Manager logs show suspicious activity. 

Once you’ve determined that your computer is infected, make sure that you have an up-to-date antivirus with advanced malware features to deal with the problem.

To safeguard better in future, some key things you can do are:

  • Make sure antivirus software remains up-to-date. 
  • Make sure all your software is up-to-date with patches, as companies often release them to fix known bugs hackers could exploit. 
  • Utilise longer, more complex passwords. 
  • Have a pop-up blocker. 

What if you’re a company that can be targeted by this attack? 

With a record of more than 10 million DDoS attacks in 2020 alone, a number that is expected to only increase for the foreseeable future, you need the means to detect and defend against this type of attack now more than ever.

Securiwiser allows you to monitor the cybersecurity status of your site in real-time, displaying the data you need to know in a clear, easy-to-read dashboard. It creates an overall security score for your company and flags up threats and vulnerabilities hackers will try to exploit. Its DNS Health Monitor is specifically designed to help your company prevent DNS attacks like DDoS, as well as many others, including DNS Hijacking and Tunnelling. Sign up for a free trial today.
