Awareness : Security Awareness Tips

Botnets: Is Someone Else Using Your Computer?

Ever wonder why your computer sometimes runs so slowly? Maybe you’re not the only person using it. Your computer might be part of a botnet or zombie network.

A botnet is a term used to define a group of computers commandeered by malicious software running silently in the background and taking instructions from criminals called bot-herders. Botnet software is designed to be stealthy and not alert you that your machine has been compromised. This is an evolution from the typical computer virus which has an immediate and obvious effect on your computer. Your computer – the bot – may be ready to perform all sorts of malicious attacks and you might not even know it.

Since new computers are often compromised within minutes of being connected to an unprotected Internet connection, it should be no surprise that some bot-herders control hundreds of thousands of computers. At its peak, the Storm botnet was estimated to be more powerful than any existing supercomputer and was responsible for distributing 20% of the world’s spam. Unfortunately, there is no easy way to tell if your machine is compromised but some tell-tale signs are your outbox may be full of email you didn’t send, you may get email stating you’ve sent spam and your hard drive is spinning (making a noise) even when you are not using your PC.

A bot-herder can do a lot with the combined computing power of a botnet:

  • Steal the computer owner’s identity and other sensitive information
  • Launch massive spam campaigns
  • Engage in click-fraud—schemes which artificially inflate the number of visitors to a website
  • Launch denial of service attacks that can cripple web servers and crash sites

To keep your computer at its best and minimize the chances of your computer falling into a botnet, follow these simple steps:

  1. Keep the latest antivirus and malware scanners active on your computer. Desktops on campus should already have Symantec Endpoint Protection installed. Home versions are available from Technology Product Center at http://www.it.miami.edu/tpc/tpc/ and Medical Information Technology at http://it.med.miami.edu. You should run full scans of your computers at least once per week.
  2. Do not connect your home computer directly to the Internet without the aid of a firewall (either hardware or software). Likewise, laptops should always run a firewall program (like Symantec Endpoint Protection or even the built-in Windows Firewall) when connecting to a wireless network.
  3. Never download files from untrusted websites or open unexpected attachments in email! This is the most frequent way that computers are compromised. It can be appealing to download free software like games, file-sharing programs, customized toolbars, and the like, but remember that many free software applications may contain malicious code, including spyware.
  4. Keep your operating system and application software, especially your Internet browser up-to-date.

If you believe your computer has been compromised by malicious software, contact your information technology support group for assistance.

For more information

Posted: February 11, 2009