About DIS Information Services Board (ISB)2008 - 2014 State Strategic IT Plan

What you need to know about botnets

October is National Cyber Security Awareness Month, and the Washington State Department of Information Services (DIS) wants to take the opportunity to warn state and local government about a sophisticated and malicious cyber threat responsible for attacking companies as powerful as The New York Times, Microsoft, and Yahoo--a threat known as a botnet.

Home computers are the most likely to become infected with botnets, but business, government and education organizations are also vulnerable.

A botnet (also known as a zombie army) is a number of Internet computers that, unbeknownst to their owners, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie - in effect, a computer "robot" or "bot" that waits for commands from the person in control of the botnet.

Botnets are the backbone of modern cyber crime. Increasingly, botnets are responsible for stealing personal information, sending out email-based phishing attacks and spam, and instigating denial of service attacks. A denial of service attack -- making computer resources unavailable to users -- is the manner in which botnets struck The New York Times, Microsoft, and Yahoo.

Botnets propagate by taking advantage of security vulnerabilities in software and poor security practices. To protect your organization's computers, it is imperative to do the following:

Never open an email attachment unless you know what it is -- even if it is from someone you know and trust
Do not visit untrusted websites
Do not download free software from untrusted sites
Do not use free file sharing programs
Use a firewall to filter Internet traffic
Use anti-virus and anti-spyware software and keep it up-to-date
Keep your operating system and application software, especially your Internet browser, up-to-date by downloading software patches regularly

Examples of malicious software commonly associated with botnets and the subsequent impact on a computer are:

Keystroke logger programs that can capture everything you type, including personal information such as passwords and credit card information
Programs that distribute spam
Denial of service attack programs

The possibility of botnets attacking your computer is real. Consider the following:

80 percent of email is spam
Over 65 percent of spam worldwide is sent by botnets
The FBI recently reported a botnet containing over 1 million compromised computers

Botnets are everywhere. If your computer or organization is infected with a worm or virus, it may also be part of a botnet.

Some of the symptoms of infection are:

Your computer and Internet connection are slower than usual
Programs that used to run on your computer no longer operate
Your hard drive is spinning (making noise) and you are not using your computer
Any other strange behavior or anomalous activity on a computer.

If you detect any of the above, it may be an indication of an infection and should be further investigated.

For more resources on how to keep your PC safe, visit www.msisac.org/awareness/news/.