Another monthly security tip from Shazam and ShazamSecure:
You've probably heard terms such as “bots,”“botnets” and “zombies” in recent news stories about data breaches and other cybersecurity risks. But what exactly are they, how do they work and what damage can they cause?
A bot, short for robot, is a type of software application or script that performs tasks on command, allowing an attacker to take complete control remotely of an affected computer. The compromised machine may also be referred to as a zombie. A collection of these infected computers is known as a botnet.
Hundreds of millions of computers worldwide are infected with bots and under the control of hackers (for example: part of a botnet). The owners of these computers typically do not experience any signs that the machine is infected and continue to use it, unaware they're being controlled remotely by a cybercriminal. In fact, the infected machine could be sending multiple spam emails, including to all contacts in the computer, making it appear to the recipient that the email is legitimate and from someone they know.
A botnet that has recently been in the news is the Gameover Zeus Botnet, which allows the cybercriminals to retrieve banking passwords from the infected machines or use the botnet to infect more computers. This botnet was responsible for nearly one million infections worldwide since its first attack in September 2011. In June 2014, U.S. and international law enforcement seized control of the botnet, and they're working with Internet service providers (ISP) to notify impacted victims.
How and why do cybercriminals use botnets?
The following are examples of how and why cybercriminals use botnets:
Don't let your computer become a bot!
It only takes moments for an unprotected, Internet-connected computer to be infected with malicious software and turned into a bot. Every user should have up-to-date security software on all devices.
The best protection is to set your anti-virus and anti-spyware programs to automatically update and to automatically install every patch made available for your operating system and browser.
Don't click on links in unsolicited emails. And, don't click on links from your friends and family if they aren't using updated security measures. They may unknowingly transmit an infection on their machine to yours.
While there is no single action that will protect you from all of the cyber risks, by implementing these foundational best practices, you can greatly reduce the likelihood that your computer will be caught in the next botnet.
For More Information
If you have questions about the content of this newsletter or any general security-related questions, please contact Jeremiah Bristow, director of corporate and information security for Shazam and ShazamSecure, at 800-537-5427, ext. 4124.