In 2020, the number of cybercrimes accounted for about 43% of all the crimes in Singapore. With reference to the latest government findings, the number of zombie computers utilised by hackers have tripled amidst the pandemic. What exactly are these ‘zombie’ devices, and why have they been a threat to the health of our IT systems and networks? Let’s take a closer look in this article.
In computing language, a zombie computer refers to a computer that is connected to a compromised network. A device with a compromised network can be taken over either by a computer worm, virus, or Trojan horse. Following the connotation of a zombie, a zombie computer is essentially infected.
In most cases of zombie computers, the hacker gains complete control of the devices and the resources they contain. This enables them to carry out various malicious attacks, namely denial-of-service attacks, degradation-of-service attacks, spam and data theft.
Zombie viruses differ from your typical malware in terms of their goals. While most viruses are targeted at high-profile networks, a zombie malware’s goal is to infect as many computers as possible and, in a gradual way. Most often than not, this type of virus installs itself secretly through back doors in security networks or vulnerabilities within web browsers and programs.
Once installed, the virus can open networking ports within a computer and connect it to an online server controlled by the malicious hacker. After the network has grown substantially, the hacker simultaneously assigns numerous computers to complete attacks through the web.
Perhaps, what is more frightening here is that all of these can occur without the users being aware of the compromised network. This is because infected devices continue to function while the hacker gives commands. The only tell-tale sign would probably be that the infected devices slow down over time – and this warning can easily go unnoticed.
A common method that turns devices into zombie computers is the denial-of-service (DDoS) attacks. In these cyber-attacks, numerous computers try to access one website at a time. The greater the number of computers a hacker can use, the more significant the impact of the attack. Basically, with more users making requests to the web page, the server will inevitably crash and deny authentic users any access to the page.
As the name suggests, a case of ‘zombie’ attacks can be a pandemic in itself. It can compromise hundreds, thousands, or even millions of computers and data. In 2010, for instance, a criminal network called Mariposa managed to control about 13 million computers and obtain data from approximately 800,000 people across 180 countries.
Because the hit of a zombie attack can be wide-ranging and severe, both individuals and businesses need to adopt cybersecurity solutions that will minimise their devices’ risk of becoming zombies. With that, here are a few effective ways to mitigate the risk of zombie attacks.
Even though many email platforms do a decent job at placing suspicious messages into spam folders by default, potentially harmful emails can still occasionally make their way into one’s primary inbox because of their legitimate appearance.
To avoid falling victim to such fraudulent emails, it is important to elevate one’s protection from spam mail with proper or customised spam filters. Fortunately, for businesses that utilise platforms such as Microsoft 365 and Gmail, admins have the ability to modify the level of junk protection for all users across the organisation.
On the other hand, penetration testing uses a more invasive approach in managing your security weaknesses. Here, penetration testers exploit your identified vulnerabilities in an attempt to gain access to assets. In essence, penetration testing simulates a real cyber-attack to determine the robustness of your IT infrastructure.
Also known as endpoint detection and response, next-generation anti-virus software is highly effective in detecting and preventing new viruses. With virus development progressing at an alarming rate these days, it has proven to be difficult for traditional anti-virus software to catch up.
Because of this, many cybersecurity experts advise organisations to choose next-generation anti-virus software. This type of software uses behaviour tracking technology to find any abnormal activities initiated by a program. Once it detects something suspicious, it immediately puts a stop to the program and notifies the user.
One of the more popular ways hackers attempt to grow zombie networks is by deploying phishing campaigns. These campaigns usually target unsuspecting individuals who have the potential to click on infected links or attachments. For many, this type of cyber-attacks may seem challenging to steer clear of. However, regular security training and phishing testing can reduce a computer’s risk of becoming part of the zombie hoard.
Through cybersecurity awareness training, organisations become more equipped at preventing and handling security threats against their IT networks. Additionally, after the employees have been trained on phishing threats, admins can send out phishing emails to test how their staff would respond should a real phishing campaign occur.
Protection is key in this fast-evolving cyber-landscape. Here at GROUP8, we understand the need for top-notch security and take an offensive approach to solutions. With a suite of cybersecurity services in Singapore that include phishing detection, CREST-certified penetration testing, web application vulnerability scanning and more, our team is here to protect your networks against a ‘zombie’ pandemic.