Tech-Talk: Zombies Attack

With Halloween approaching, National Cyber Security Month highlights another issue plaguing Internet users at Georgia College & State University: zombies.

No, not the brain-eating zombies from “Night of the Living Dead” or “Resident Evil.” A zombie is a computer located anywhere on a network that allows a malicious user to take control of that computer.

According to Chad McDonald, GC&SU’s Chief Information Security Officer and Director of Campus Computer Support Services, zombies have caused network security issues at GC&SU in the past.

According to McDonald, “zombie” machines are infected with programs that are cousins to certain viruses or worms, such as the Sub7Server Trojan. Computer hackers take advantage of infected machines to launch Distributed Denial-of-Service (DDoS) attacks against a computer or network. These attacks usually involve hundreds of zombie machines that flood an Internet server with false messages in order to destroy its ability to respond to legitimate messages.

In other words, DDoS attacks can take down a company’s website or drag network speed to a standstill; DDoS attacks are the primary type of Internet attack. High-profile attacks from zombie networks have focused on major technology companies, including Microsoft Corporation and Cisco Systems, Inc.

With the large number of student computers connected to the GC&SU network, it is difficult to detect the presence of zombie infections. According to McDonald, some of GC&SU’s student computers have unwittingly participated in attacks upon U.S. and foreign computers and networks. Fortunately, once a problem is detected officials can identify its source.

“Once [the zombie] is reported, it’s easy to trace,” says McDonald, “but notifying students and disinfecting their machines is difficult.”

In addition to launching attacks, zombie machines can be used to collect personal information such as credit card or bank account numbers. Zombies are transmitted through a variety of means, including viruses, file sharing programs such as Kazaa or Morpheus, and spy-ware. Students can protect themselves from infection by keeping their anti-virus definitions and Windows Update patches up-to-date. In addition, spy-ware and ad-ware blockers such as Spybot and Ad-Aware can be helpful in preventing and detecting zombie programs.

In order to educate users on safe computing, GC&SU will hold several events during National Cyber Security Month. On Oct. 19, a Web-cast presentation will focus on security.

In addition, Stan Gatewood, Chief Information Security Officer for the University of Georgia, will give several presentations at GC&SU on Oct. 29. Interested students may attend a campus forum with Mr. Gatewood from 10 to 10:50 a.m. in Peabody Auditorium. He will also address members of the University Senate, Administrative Technology Committee, and the President’s Cabinet throughout the day. Information Systems majors will have the opportunity to attend a forum from 1:30 to 2:30 p.m.

Mike Madison contributes to The Colonnade as a service to the Office of Information & Instructional Technology.

Posted by Colonnade Archives on Oct 22 2004. Filed under News. You can follow any responses to this entry through the RSS 2.0. You can leave a response or trackback to this entry