Were You Unwittingly in the “Zombie” Army that Attacked the Internet?

by Debra N. Diener J.D. CIPP G

Sad Girl on Computer

The powerful attack on the Internet last week raised many questions — who did it? how did it happen? and could it happen again?  Some of those answers are still unknown and could be for awhile.  But what is known is that the Internet attack involved millions and millions of computers around the world.  And we’re learning that not all of the computers involved are those of companies — some of the computers used, as well as other devices, are ones in people’s homes.

Nicole Perlroth outlined these disturbing facts in a recent New York Times article (see, “Devices Like Cable Boxes Figured in Internet Attack”; page B1, March 30th).  In her article, she describes how the attackers used “open resolvers” whether corporate servers or home devices (such as cable boxes) or “virtual” machines in the cloud all of which were configured so they could accept messages from any device around the world.

As she wrote, “[o]pen resolvers have been set up in such a way that they are not unlike the naive users of public Wi-Fi who forget to turn off their file-sharing settings, so that any hacker on the Internet can creep inside the computer.  It’s similar to PC users who do not realize that by not updating their software, they let their computers get infected with malware and used as a zombie in a cyberattack.”  (pages B1 and B6). A year ago — almost exactly to the day — I wrote about “zombie” computers.  I warned about the ways personal computers can be captured by scammers and shared advice on how to protect your computer and private information (March 23, 2012, “Are You Living With A Zombie?”).

Last week’s massive attack is just the latest reminder that we all can, and must, take steps to protect our computers (and our private information).   Remember to heed the easy to follow advice from Ms. Perlroth’s article and my prior blog:

  • Turn off your file-sharing settings when you’re using public Wi-Fi; and
  • Update the software on your PCs and other devices to protect them from becoming invested with malware.

While we can’t thwart all of these attacks, we can try and make it less easy for our devices to be used by the attackers.