Were You Unwittingly in the “Zombie” Army that Attacked the Internet?
by Debra N. Diener J.D. CIPP G
The powerful attack on the Internet last week raised many questions — who did it? how did it happen? and could it happen again? Some of those answers are still unknown and could be for awhile. But what is known is that the Internet attack involved millions and millions of computers around the world. And we’re learning that not all of the computers involved are those of companies — some of the computers used, as well as other devices, are ones in people’s homes.
Nicole Perlroth outlined these disturbing facts in a recent New York Times article (see, “Devices Like Cable Boxes Figured in Internet Attack”; page B1, March 30th). In her article, she describes how the attackers used “open resolvers” whether corporate servers or home devices (such as cable boxes) or “virtual” machines in the cloud all of which were configured so they could accept messages from any device around the world.
As she wrote, “[o]pen resolvers have been set up in such a way that they are not unlike the naive users of public Wi-Fi who forget to turn off their file-sharing settings, so that any hacker on the Internet can creep inside the computer. It’s similar to PC users who do not realize that by not updating their software, they let their computers get infected with malware and used as a zombie in a cyberattack.” (pages B1 and B6). A year ago — almost exactly to the day — I wrote about “zombie” computers. I warned about the ways personal computers can be captured by scammers and shared advice on how to protect your computer and private information (March 23, 2012, “Are You Living With A Zombie?”).
Last week’s massive attack is just the latest reminder that we all can, and must, take steps to protect our computers (and our private information). Remember to heed the easy to follow advice from Ms. Perlroth’s article and my prior blog:
- Turn off your file-sharing settings when you’re using public Wi-Fi; and
- Update the software on your PCs and other devices to protect them from becoming invested with malware.
While we can’t thwart all of these attacks, we can try and make it less easy for our devices to be used by the attackers.
You may also enjoy reading
-
Internet Security Isn’t Getting Any Prettier
Malicious software (malware) is, in many ways, very well understood. Security experts know how it works and why. Cybercriminals’ motivations are pretty straightforward—making money from malware and related attacks. In the latest McAfee Threats Report: Q3 2012 , malware is still growing and while it’s not growing quite as fast as it was in previous quarters, the amount of malware still topped 100 million samples. ... Continue Reading
-
FRAUD ALERT: Diagnostic Test To Avoid Internet Interruption on July 9
Rumors that more than a half million people could lose Internet access on July 9th are true. Protect yourself by running a quick diganostic test and, if your computer is affected, taking steps to fix it. How the Scam Works Scammers in Estonia infected computers worldwide with maleware that turned off virus updates and redirected consumers to fraudulent websites. ... Continue Reading
-
Online Extortion Scheme: Updated Alert
Over the summer, I wrote about the phony emails being sent out by thieves to get money and personal and financial information. Unfortunately, not only are these scams increasing, they’re proving very profitable. Nicole Perlroth recenty wrote an article in the New York Times about the increasingly sophisticated email messages the thieves are now using (“For PC Virus Victims, Pay or Else” ... Continue Reading
-
The Three Internet Trust Seals and What They Mean
Last week I went into detail about SSL certificates and explained what they are, how they affect you, and why we here at Safepact.com use them. SSL certificates are only one part of a bigger variety of icons that a website can put on their page in order to show you that they are a trustworthy site, and while SSL certificates are considered a trust icon there are things called “official trust seals” that websites use. These official trust icons are divided into three categories: Privacy, Security, and Business. ... Continue Reading
-
FRAUD ALERT: Smartphone Users Should be Aware of Malware Targeting Mobile Devices and Safety Measures to Help Avoid Compromise
The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher. Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out e-mail. A link within these advertisements leads to a website that is designed to push Loozfon on the user’s device. ... Continue Reading
