November 6, 2008

Zombie PCs: ‘Time to infection is less than five minutes’

October 21st, 2008

Posted by Andrew Nusca

A fascinating — and horrifying — new article in The New York Times offers the lowdown on “zombie computers,” the half-a-million-or-so machines that are converted, assembled into systems called “botnets” and forced to do a shadowy figure’s bidding, namely in the form of automated programs that send the majority of e-mail spam, illegally seek financial information and install malicious software on still more PCs.

Lock up your Windows and children!

In what sounds like the plot of 28 Days Later — computer “rage,” anyone? – the Times reports that botnets are alive and strong, according to shadowserver.org, a site that tracks such things:

“The mean time to infection is less than five minutes,” said Richie Lai, who is part of Microsoft’s Internet Safety Enforcement Team, a group of about 20 researchers and investigators. The team is tackling a menace that in the last five years has grown from a computer hacker pastime to a dark business that is threatening the commercial viability of the Internet.

Great Scott! The simple reality of these bots is terrifying to the security-minded: Any computer connected to the Internet can be vulnerable. Botnet attacks can come with their own antivirus software, permitting the programs to take over a computer and then effectively remove other malware competitors.

According to the article, Microsoft investigators “were amazed recently to find a botnet that turned on the Microsoft Windows Update feature after taking over a computer, to defend its host from an invasion of competing infections.”

Good lord. What’s more, botnets have evolved quickly to make detection more difficult, recently using “fast-flux,” a technique that generates a rapidly changing set of Internet addresses to make the botnet more difficult to locate and disrupt.
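For defenders, the rapidly changing address set is itself the thing to look for in DNS logs. The sketch below is an added example, not code from the Times article or from Microsoft; the observation format, the 300-second window and the five-address threshold are assumptions chosen for illustration, and the sample data is constructed.

```python
from collections import defaultdict

# Constructed observations: (seconds since start, queried name, returned address).
# Names use the reserved .example TLD; addresses are documentation ranges.
OBSERVATIONS = [
    (0, "promo.example", "192.0.2.1"), (50, "promo.example", "198.51.100.7"),
    (100, "PROMO.example.", "203.0.113.9"), (150, "promo.example", "192.0.2.44"),
    (200, "promo.example", "198.51.100.90"), (250, "promo.example", "203.0.113.200"),
    (0, "mail.example", "192.0.2.10"), (100, "mail.example", "192.0.2.10"),
    (10, "cdn.example", "192.0.2.20"), (20, "cdn.example", "192.0.2.21"),
    (30, "cdn.example", "192.0.2.22"), (40, "cdn.example", "192.0.2.20"),
    (0, "slow.example", "198.51.100.1"), (3600, "slow.example", "198.51.100.2"),
    (7200, "slow.example", "198.51.100.3"), (10800, "slow.example", "198.51.100.4"),
    (14400, "slow.example", "198.51.100.5"),
]

def flag_fast_flux(observations, window=300, min_ips=5):
    """Map each name to the most distinct addresses it returned within any
    `window`-second span, keeping only names that reach `min_ips`."""
    by_name = defaultdict(list)
    for ts, name, ip in observations:
        # Normalise case and the trailing root dot so variants group together.
        by_name[name.lower().rstrip(".")].append((ts, ip))
    flagged = {}
    for name, rows in by_name.items():
        rows.sort()
        counts = defaultdict(int)   # address -> occurrences inside the window
        start = best = 0
        for ts, ip in rows:
            counts[ip] += 1
            # Evict observations that have fallen out of the sliding window.
            while ts - rows[start][0] > window:
                old = rows[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            best = max(best, len(counts))
        if best >= min_ips:
            flagged[name] = best
    return flagged

if __name__ == "__main__":
    for name, n in flag_fast_flux(OBSERVATIONS).items():
        print(f"{name}: {n} distinct addresses within 300 s")
```

Large content-delivery networks also rotate addresses, so a hit from a check like this is a lead to investigate, not a verdict.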

Yikes. So what’s a user to do?

First, take Microsoft’s Malicious Software Removal Tool out for a ride. Then make sure your firewall is up and you’re up to date with all security patches.

Then pray. Because these zombies are hard to find, much less kill. Just last week, Secunia, a computer security firm, tested a dozen leading PC security suites and found that the best one detected only 64 out of 300 software vulnerabilities.
