It’s Halloween and zombies are afoot. They’re not coming through the windows or wading through the streets, though. The massive zombie horde approaches through the spider-filled web that has been spun to cover the entire world … the worldwide web, that is. However, it isn’t an undead army we have to worry about, although one could not say what is yet to come this All Hallows’ Eve, it’s botnets of zombie machines that have taken aim to disrupt services.
Over the past couple of years, it has become apparent that similar to home and office computers needing anti-virus software and a firewall to keep them protected, individual websites have become a prime target for hackers, and they too require some form of protection. As it becomes a more lucrative racket for hackers worldwide, it’s more important than ever to understand what malware, or malicious software, is, and how it has increasingly become a problem for websites of all sizes. Before we talk about how a website can be protected from malware, let’s first cover some common purposes of malware, how it generally works and what it means for a website after it’s infected.
If businesses are to survive the growing threat of DDoS (Distributed Denial of Service) attacks, then DDoS protection must evolve quickly and respond even faster. Hackers have no shortage of options when it comes to launching DDoS attacks. In early October, Akamai warned that hackers are now targeting Universal Plug and Play devices, or UPnP, to launch their attacks. The firm estimated that there were more than 4 million UPnP devices, from home routers to web cams, that were vulnerable to being conscripted by hackers to launch devastating DDoS attacks.
Remember Heartbleed, that age-old bug that only surfaced last year and left more than half of all internet servers around the world exposed? Looks like we might have yet another Heartbleed on our hands. This one has been codenamed Shellshock. Experts are already saying the Shellshock exploit could impact millions of Unix systems that operate on Linux or Mac iOS. And may even threaten consumer devices including home routers.
When Did The Need for DDoS Protection Begin?
It’s been a while since the world first started hearing about Denial of Service attacks. It was February 2000, and in the space of just one week, major websites like Yahoo!, eBay, CNN, E-Trade, and Amazon were experiencing inexplicable outages that lasted for more than an hour in some cases. And those outages were costing them millions of dollars in lost revenues.
A little investigating, combined with loose lips on the part of the offender, eventually pointed law enforcement to a 15-year-old Canadian high school student going by the handle MafiaBoy.
Seems like just about everyone thought that the massive Target data breach earlier this year would be the biggest for a while. Yet only a matter of weeks later, eBay announced a data breach that was even bigger.
Now we’re learning of a hacker haul that makes those earlier breaches look like chump change. Security researchers in Milwaukee revealed that they’ve been monitoring a hacking gang operating from a small Russian town, and found the gang had managed to amass a database of more than 1.5 billion stolen credentials.
Here’s just a sample of what the investigators learned about the hackers, and the implications of their haul:
Malware can be confusing. Not just because there are millions of different types of malware, because they’re constantly evolving. And it doesn’t help much that researchers have a tendency to give them some crazy names.
The botnet, on the other hand, is relatively easy to understand. Instead of just stopping at infecting thousands or even millions of computers, botnets will continue to control all those computers remotely to perform the bidding of the bot controller or herder. That’s why it’s one of most sinister types of malware that all business owners need to be aware of.
With all the movies and TV series focused on zombies lately, many of us seem to have zombies on the brain. Think they don’t actually exist? Oh but they do – in the form of business and personal computers compromised with malicious software capable of engaging all kinds of nasty behavior.
Networks of zombie computers are called botnets, and many experts believe that botnets now represent the single biggest cyber threat, to businesses and to consumers: