You’ve heard of Cyber Pearl Harbor, but the Cyber Zombie Apocalypse is here today. Has your website been consumed by the growing zombie hordes? Okay, fair enough, if I were sitting next to you on a park bench saying this, you’d be looking for the nearest police officer. There (probably) are no zombies roaming the earth feasting on the brains of the living and turning them into zombies. The same cannot be said for the online reality your computer, website, or server lives in. The web is crawling with infected websites that can install malicious software on your computer, and automated software known as bots roams the web looking for fresh victims.
Bots and Zombies — This Sounds Like a Bad B-Movie, Not a Real Security Threat
Bot traffic has many functions, some good and some very bad. Search engine bots scan the web to index all the information out there so you can search it. Other bots scan for vulnerable websites that they can hijack. This could involve compromising a vulnerable feature, which turns the target website into a “zombie” computer that can then infect visitor devices, taking the zombie plague global.
But why? If you are the owner of a zombie computer or website, you may not notice any difference — the program is designed to be sneaky, so it’s not like your computer will wander the streets groaning “CPUs…”
Once you are part of the zombie horde, your machine can be used to send spam e-mails or infect others, and it is the basis for setting up a DDoS attack capable of disabling target websites. Oh, and many such networks are rented out for profit to whoever has the money to control a zombie horde.
A network of zombified sites is referred to as a botnet, and its members receive commands from the head zombie, who is likely a spammer, a hacker, or a mercenary.
Once a zombie botnet grows large enough, it can unleash devastating web attacks. The head zombie issues a command for all zombies to flood a target website or server with communication requests and connections, overwhelming its capabilities and bringing it offline. Picture the target websites as the grizzled survivors of the zombie apocalypse, holed up in their fortress that is besieged by millions of zombies surrounding them. They can’t escape, and more survivors can’t reach them. The zombies may not get them all, but they can starve them out by waiting until they run out of food. Or in the cyber version, they go out of business and shut down.
So how do you know if your website has been infected? Just like in the zombie movies, you may not know that your website has been bitten until you turn on your fellow survivors, unleashing your own attack within the safety of your survivor compound/online network. You probably won’t even be aware that your website has been turned and is now infecting other computers, sending out spam messages, or participating in coordinated DDoS attacks, any more than the movie zombie mindlessly feeding a bottomless hunger is.
There are programs out there to scan for botnet infection, but each botnet is different, so it’s hard to check for all of them. You should check for increasing outbound traffic, increased CPU usage, and connections on unusual ports, which may be where the head zombie is communicating with you.
You may also notice a drop in incoming traffic, as search engine bots detect the infection and blacklist your website, lowering your search rankings and eventually blocking your site altogether.
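Two of the host-side checks listed above (connections on unusual ports and growing outbound traffic) can be scripted. The following is an added example, not part of the original article or any vendor tool; the `ss -tn` sample, the byte counts, and the allowed-port sets are constructed assumptions for a small web server.

```python
import statistics

# Constructed sample of `ss -tn` output from a web server at 203.0.113.10.
SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port   Peer Address:Port
ESTAB  0      0      203.0.113.10:443     198.51.100.7:51514
ESTAB  0      0      203.0.113.10:443     198.51.100.9:40022
ESTAB  0      0      203.0.113.10:48312   192.0.2.55:6667
ESTAB  0      0      203.0.113.10:51990   192.0.2.80:443
ESTAB  0      0      203.0.113.10:40100   192.0.2.91:8443
"""

LISTENING = {80, 443}            # assumption: ports this server accepts visitors on
EXPECTED_REMOTE = {53, 80, 443}  # assumption: ports it legitimately calls out to
# Constructed per-minute outbound byte counts from a known-clean period.
BASELINE_TX = [41_000_000, 39_500_000, 42_300_000, 40_200_000, 38_900_000]


def unusual_outbound(ss_text):
    """Return (peer_ip, peer_port) for host-initiated connections to unexpected ports."""
    hits = []
    for line in ss_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 5 or fields[0] != "ESTAB":
            continue
        local_port = int(fields[3].rsplit(":", 1)[1])
        peer_ip, peer_port = fields[4].rsplit(":", 1)
        if local_port in LISTENING:
            continue  # inbound: a visitor connected to one of our services
        if int(peer_port) not in EXPECTED_REMOTE:
            hits.append((peer_ip, int(peer_port)))
    return hits


def outbound_spike(baseline, current, sigmas=3.0):
    """True if current outbound bytes/min exceeds the baseline mean by > sigmas std devs."""
    mean = statistics.mean(baseline)
    spread = statistics.stdev(baseline)
    return current > mean + sigmas * spread


if __name__ == "__main__":
    print("unusual outbound peers:", unusual_outbound(SS_OUTPUT))
    print("outbound spike:", outbound_spike(BASELINE_TX, 310_000_000))
```

A hit is a lead to investigate rather than proof of infection; the allowed-port sets need tuning to what the server actually runs.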
Surely the best protection is prevention. As well as making sure that your software is always updated, you can protect your website from online vulnerabilities through a web app firewall like Cloudbric. What’s more, Cloudbric offers full DDoS protection, so when the zombies come for your website, you’ll be ready and safely protected.
Zombie movies are more popular than ever, and they portray human protagonists fighting against a familiar monster — reanimated dead humans. Not only do they have to fight zombies, but they also need to protect against becoming zombies themselves. The same applies to the online world. Perhaps the greatest insult inherent in a botnet zombie attack is that the attackers don’t want to steal your valuable information — they just want to keep you down so your resources can be added into the mindless collective.