Could your home PC attack the Republic of Georgia?

It's not out of the question, says ConnectSafely's Larry Magid.


by Larry Magid

I think I can say with a great deal of
certainty that the overwhelming majority of parents don't
operate websites based in the Republic of Georgia.
And I am also certain that you're not malicious hackers. But before you
ignore my story, consider the possibility that the PC in your house
could have played a role in taking down the website of the President of
Georgia.

Attacks against Georgian government sites, according to the New York Times,
started "weeks before physical bombs started falling on Georgia," and
the Georgian president's site was difficult or impossible to access on
Tuesday afternoon, even though the site moved from the country of Georgia to an Internet service provider in the state of Georgia in the United States.

"This is a classic denial of service attack (DOS)," said Steve Gibson, president of Gibson Research and a leading security expert.

 In
an interview, Gibson said it has all the marks of a "zombie" or
"botnet" type of attack. "Botnet" is a hacker term for a network of
robots – machines that are surreptitiously recruited to attack other
machines.

 "Essentially what happens," explained Gibson,
"is a large number of computers that are under the control of some
entities — presumably someone with a grudge – can be recast for
various purposes.

"Sometimes they're used to generate
spam, sometimes to generate fake clicks on advertisements and sometimes
they are told to simply flood a site with traffic," said Gibson.

These
zombie machines can bombard a server with enough requests in a short
period of time to simply overwhelm it. It would be like putting
thousands of cars on the freeway, making it impossible for normal
traffic or emergency vehicles to get through.

Such
tactics are sometimes referred to as distributed denial-of-service
attacks because the computers used in the attacks are distributed all
over the Internet. It's often difficult for the attacked machine to
distinguish between legitimate requests for service and the bogus
request from the zombie machines.

DOS attacks can also
be carried out by disrupting configuration data such as routing
information so that traffic to a server is re-routed, or simply sent
nowhere instead of the server that users are trying to reach.

The
machines that wind up carrying out the attack "are typically owned by
regular computer users who have no idea that their machine is now
serving two masters," said Gibson. "It's serving them, and some
remotely located criminal that is able to take the resources of their
machine and their Internet connection for some malicious purpose."

Malicious
software to carry out these attacks can come from websites, via email
or as part of spyware people inadvertently download to their computers.
Most Internet security programs can protect PCs against being infected
by such software, though security is — and has always been — a cat
and mouse game between the good guys and the bad guys. That means there
is always the possibility of botnet software slipping past the defenses
of even up-to-date security software.

Still, if you use
up-to-date security software, the chances of your machine being
infected go way down. Also, security software such as Symantec's Norton 360, TrendMicro's Internet Security Pro, Zone Labs ZoneAlarm Security Suite and Kaspersky Lab's Kaspersky Internet Security all do a good job at repairing infected computers along with preventing infections in the first place.

It's also important to be sure that your operating system is up-to-date. For example, Microsoft issued updates
Tuesday for various versions of Windows which fixed 26 flaws, including
six what were considered critical. These flaws could put your computer
at risk of being taken over by a hijacker who could use it for
virtually any purpose — including attacking other computers or web
servers.


You can learn more about how hackers can turn your computer into a malicious zombie in my mp3 file

” target=”_blank”>CBS News podcast discussion with Steve Gibson.

Related:  computer security

No comments yet.

Leave a Reply