As we wrap up National Cyber Security Awareness Month on Halloween, it just seems fitting to talk about Zombie Computers. In this article, we’ll explain the warning signs that may indicate your computer is part of the undead, what you can do about it, and prevention. But first, what is a zombie computer and why is it a problem?
What is a Zombie Computer?
A zombie computer or zombie PC is a computer that’s been taken over by a third party without the owner’s consent. These computers then carry out actions under this remote control, typically, without the owner’s knowledge.
Keep in mind, any computer or operating system can become infected. Not just your laptop or desktop. That means with IoT becoming more mainstream and computers being integrated into your appliances like refrigerators, washing machines, even door locks, all of these devices can potentially become zombies.
Read: 9 Tips to Secure Your Smart Home
What is the point of a Zombie Computer?
Zombies are used for all sorts of malicious and nefarious cybercrimes. Your computer could be used to send spam, launch DDoS attacks (Distributed Denial of Service), turn more computers into zombies by sending malware to those devices or used for the purpose of running cryptocurrency mining modules.
Once a computer becomes a zombie, it’s commonly part of an army of zombies, referred to as a botnet. Botnets are a network of infected computers being controlled by a single group or hacker. These networks are no joke. Small botnets can range from a few hundred to a few thousand computers and large botnets can run into the millions. All without raising suspicions from their owners/users. These botnets can be sold or rented out but remain dormant until the control computer issues a command.
Read: The Top 5 Botnets 2017
In addition to causing all kinds of mischief across the Internet, having a zombie computer is a huge drain on your CPU, meaning your computer will be running slower. For businesses, productivity will suffer and employees will have trouble working.
Is your computer a zombie? The Warning Signs:
Be sure to rule out innocent factors, such as an obsolete computer, undersized processors, overloaded networks, etc.
- Slow computer performance even with no applications running
- Sluggish internet connection
- Unexplained error messages
- Frequent crashes
- Messages in your outgoing email folder that you didn’t send
- Bounce-back or “undeliverable” notifications in your email mailbox from people you haven’t emailed
- Longer shut down and startup
- Unexpected loss of hard disk space
- Web browser frequently closes for no reason
- Access to computer security websites is blocked
- Unusual internet activity (like high network usage)
- Check if your IP is blacklisted – here’s how
So my computer is a zombie. How do I bring it back to life?
Assuming your running routine backups, conduct a complete system wipe and backup restoration. This is the most painful but also the most effective method to remove the files and software causing your computer to be a zombie. Removing just the suspicious files may not fully remove the malware or additional malware that has been invited into your system. Plus you run the risk of removing files that are legitimate and needed for your computer to function properly.
How to defend yourself from becoming a zombie in the first place.
Most computers become zombies when we’re deceived through phishing attempts or social engineering (psychological manipulation of people into performing actions or divulging confidential information). These attacks can be delivered through emails, links in social media or disguised applications we innocently install. They will lure you into a drive-by download or they will exploit the vulnerabilities in websites and software, such as your browser’s outdated plugins.
- Run anti-malware and anti-virus programs regularly
- Run updates and patches for all your software like your operating system, plugins, applications, antivirus, etc.
- Run an ad blocker to stop malicious advertisements
- Use a firewall
- Run backups routinely and test your backups
- Don’t click on suspicious links
- Educate/Train staff to recognize common phishing practices
- Similar to a Secret Shopper who tests retail staff on behalf of management, test your staff using fake phishing software (our Managed Services clients receive this as an added benefit)
- Don’t download any attachments that you never requested
The digital version of a zombie apocalypse is upon us. These botnets are a much bigger problem than we can imagine. We’re giving cybercriminals the ability to develop and expand their infrastructure’s reach and cause unimaginable damage simply because we don’t take the necessary security measures. But you can stop it simply by following the steps above. If for whatever reason, you need help implementing these measures, don’t hesitate to call Rattan. We will gladly supply network security services and advice. Good luck and Happy Halloween.