Category: Cyber Security

How Botnets Infect Computers and Control Them Remotely

A botnet is a network of computers infected with malware. Most internet users do not even realize that their computers have been attacked by a botnet. A botnet can carry out different types of attacks using your IP address, and at the same time your PC becomes a remotely controlled robot for illegal activities. Botnets generally connect through bots, an infected network that takes control of the entire system remotely. A bot can also pass information on to spammers. A botnet attacker can get control of your computer in many ways, through viruses or worms. Botnets are powerful because the hackers control thousands and sometimes lakhs of computers remotely to perform illegal activities online. Some hackers use botnets to make a machine temporarily unavailable to its users, while others use them to send spam.


Small Business Owners: Protect Your Business from Botnets

Cyber criminals are on the lookout for different ways to access your data through viruses, Trojans, hacking, phishing, botnets, etc. They consider small businesses an ideal platform for botnet use, and presume that these businesses don’t take many security precautions.

Being part of a botnet is terrifying: it badly affects your business, your partners and your customers. It will also create a situation of potential liability. You will not even know that you are part of a botnet. In this article, we will discuss botnets briefly, and learn how to protect computers from them.

What is a botnet?
‘Bot’ comes from robot. When malicious software infects your computer, it becomes a bot. Online fraudsters use your computer to infect a large number of computers. These computers form a botnet. A botnet is, thus, a network of computers that work under the command and control of cyber criminals.

Simply put:

  • A bot/robot/zombie is an infected computer. Cyber criminals distribute malware (Trojan virus or other malicious software) that can turn your computer into a bot that responds to their command.
  • A bot network/botnet/zombie network is a group of infected computers or PCs. A single bot is not of much benefit to hackers. Therefore, they use a bot as a medium to spread malware to a large number of computers. This group of infected computers forms a network – a botnet.

Purpose of botnet
To get control over the bots to perform automated tasks online without the owner’s knowledge.

What are botnets commonly used for?
Cyber criminals use botnets in numerous ways: stealing information; sending spam/junk emails, phishing messages, viruses and spyware to other computers to grow their network further; click fraud; adware; fast flux; and DoS (Denial of Service) attacks that crash websites or servers.

  • Stealing data: Most people store sensitive information on their computers, such as business or work related documents, personal identification, email addresses of all contacts, bank account credentials, telephone numbers, social security numbers and other important data. If your computer is in a botnet, criminals can access the information, take out loans and make purchases in your name, and may commit other frauds.
  • DDoS (Distributed denial of service) attacks: With thousands of zombies, bot masters attack at the same time to impair or bring down a website and to disrupt its services by creating loss of connectivity or connection bandwidth.
  • Click fraud: Bot masters use botnets to generate revenue for a website through pay-per-click advertising or to create web traffic. In other words, they repeatedly access the site using the user’s computer for personal or commercial gain.
  • Phishing: Botmasters use botnets for hosting phishing sites. They harvest information through bots by turning them into web servers for conducting phishing.

How do botnets enter your computer?
Botnets reach your system via Trojan viruses that carry the botnet’s code as the payload (disguised in software or an attachment). They can reach your computers in the following ways.

  • Email attachments: When you open infected email attachments or download unverified files or software, botnets access your computer.
  • Infected network: When your system is connected to an infected network.
  • By fake warnings: Criminals provide a link or button with fake warnings such as that your computer has virus. That provokes/scares you into clicking.
  • By malicious websites: When you download the software, videos, and audios from malicious websites.

How to detect botnet infections?
Here are some common signs of botnet-infected computers:

  • Your outbox will have email messages that you didn’t send
  • Your computer suddenly starts operating slowly or crashes or stops responding frequently
  • Your network or internet connection is unusually slow
  • When you are using the Internet, there is an unknown network activity
  • Your system cannot access a few or any website
  • You will receive more spam emails than usual
  • Your firewall alerts you on unknown programs accessing the Internet

How to avoid and protect your computer from becoming part of botnet?
As mentioned earlier, botnets use multiple attacks (DDoS attacks, phishing, click fraud), so no single technology is able to protect your computers against them. Packet filtering, port-based and signature-based techniques will not be able to mitigate the evil effect of botnets. This is because botmasters modify the code, shuffle the use of zombie hosts and so on.

Defend yourself

  • Install a firewall: A firewall acts as a barrier or protective layer between your computer and the Internet. Note: Don’t turn off your firewall even for a while. There is a potential risk that your system will be infected with malware.
  • Install anti-virus and anti-spyware software: This software scans and monitors your system for known viruses and spyware. When it finds any, it alerts you to take action.
  • Keep all software up-to-date: Update all your software regularly. Make sure to subscribe to automatic updates wherever required.
  • Keep an eye on your network traffic: Watch out for unusual traffic. Make sure to keep track of the traffic.
  • Use encrypted passwords: Use encrypted passwords for your home and office networks.
  • Web browsing habits: Don’t click or open or download the files that you receive from unknown sources or the one you suspect.

As the owner of a small business, it is sensible to protect your computers and computer networks against the harmful effects of botnets.

Suspicious E-mail Attachment? Be Cautious, It Can Impair Your Small Business

As a small business owner, you may be receiving tens of emails (sometimes hundreds) in your in-box every day. You have to be careful while opening your emails – a small neglect on your part can significantly ruin your business – your important files may get deleted, someone might get access to your financial and customer information. I am not trying to scare you off but this is reality. There are many cyber criminals out there looking to make easy money. 95 percent of Americans receive emails with malicious programs while nearly 9 percent opened the attachment infecting their computer (Halon and TNS Global survey).

In this article, we will discuss the common threats that come as email attachments and what precautions you can take.

Common threats as email attachments
Opening a suspicious email attachment can infect your computer with a virus, Trojan horse or botnet, and you can even become a victim of phishing and hacking.

  • Virus: Virus is one of the common threats that small businesses come across. These malicious programs are mostly sent as email attachments with the intention of either damaging your computer programs or spreading the viruses to the computers in your network for creating problems.

    When such email attachments are opened, some programs get installed on your system. They can do many things: secretly gain access to your sensitive information, wipe out all the files on your hard drive, and replicate and spread to USB keys and external hard drives. Sometimes they display unwanted ads.

  • Trojan horse: A Trojan horse records all keystrokes you enter in your system. That is how it gains unauthorized access to your organization’s financial information and customer information, disrupts the performance of your computer, deletes or modifies your data, etc. Cyber criminals can even watch you through your webcam.
  • Phishing: Phishing emails look legitimate and appear as if they came from known sources like businesses, banks, government agencies, friends, relatives, major online retailers, social networking sites, etc. They urge you to download an HTML form, and sometimes to click the links in the email.

    These emails come with subject lines like “update your information” or “confirm your user-name and password” and sometimes state the consequences if you don’t verify your details.

    Phishers generally attach an HTML form to the mail. When you open such attachments, the form asks you to fill in your credentials. These attachments are less likely to be blocked by anti-phishing mechanisms, because the form is stored locally.

    Sometimes you will be asked to click on a link that leads to the phisher’s site. That site looks genuine and urges you to enter details of your accounts. The phishers gather your information based on your inputs and use this information to gain access to your account with a bank etc. to misuse it.

  • Legitimate PayPal URL looks like:
  • Disguised URL from the phishing email:

These phishing links are constructed in such a way that looks like it goes to, but it leads to the phishing site. You can see the difference: instead of forward slashes there are dots in the URL, and instead of https it is http. (Note: HTTPS in the URL signifies your information is secure. Only legitimate sites will be able to get this security certificate.)

  • Botnet: Botnets are generally a group of computer networks that are remotely controlled by cyber criminals over the Internet in an effort to perform automated tasks without your knowledge. These email attachments contain viruses or spyware with botnet code. When they are installed on your computer, the creator of the malware takes control of your system and your Internet browsers, and monitors your keystrokes. They sometimes use your email account to send thousands of spam emails and to take part in click fraud.
  • Hacking: Typically hacking targets a specific person. Hackers are very smart: they send emails with a convincing subject line and a virus attached. Sometimes, they send emails from your friends’ or business partners’ accounts (ones they have already hacked). When such attachments are installed, they gain access to your system without your knowledge. Once the hacker gains access to your system, they look for information to steal your financial accounts, trade secrets, client details or your intellectual property.
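The two signs of a disguised phishing link described above (dots where the first forward slash should be, and http instead of https) can be checked mechanically by looking at the host a link really points to. The following is an added example, not part of the original article; the function name, warning codes and sample links are constructed for illustration.

```python
from urllib.parse import urlsplit


def link_warnings(url, expected_domain):
    """Return warning codes for a link that claims to belong to expected_domain.

    NOT_HTTPS          - the link does not use https
    BRAND_IN_SUBDOMAIN - the expected domain appears inside the host name,
                         but the host actually belongs to another domain
                         (dots where the forward slash should be)
    WRONG_HOST         - the host has nothing to do with the expected domain
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    expected = expected_domain.lower().strip(".")
    warnings = []

    if parts.scheme != "https":
        warnings.append("NOT_HTTPS")

    # The host check runs regardless of the scheme: the link is on the
    # expected site only if the host IS that domain or ends with ".<domain>".
    if host == expected or host.endswith("." + expected):
        return warnings

    host_labels = host.split(".")
    brand_labels = expected.split(".")
    n = len(brand_labels)
    embedded = any(
        host_labels[i:i + n] == brand_labels
        for i in range(len(host_labels) - n + 1)
    )
    warnings.append("BRAND_IN_SUBDOMAIN" if embedded else "WRONG_HOST")
    return warnings


# Constructed sample links; ".example" is a reserved, non-routable name.
SAMPLE_LINKS = [
    "https://www.paypal.com/signin",
    "http://www.paypal.com.signin.example/update",
    "https://paypal.com.signin.example/update",
    "https://billing.example/paypal.com",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(link, "->", link_warnings(link, "paypal.com") or "no warnings")
```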

Precautions to take

  • Update your operating system or enable ‘automatic update’
  • Install anti-virus and anti-spyware software on your system, because it will inspect all files on your computer as well as your attachment files for viruses and spyware. Whenever it finds an infection, it will remove it or immediately alert you
  • Back up all important files on your computer
  • Install and maintain a firewall on your computer – configure it. This will alert you whenever a program or process is attempting to access your system
  • Use attachment filters that will block certain file names or extensions
  • When you are not using your system, shut it down
  • Disable settings in your email program that automatically download the attachments

Precautions to take while opening email attachments

  • Don’t click, open, save or run any email attachments that you suspect
  • Be cautious about the executable files that end with the extensions such as .exe, .vbs, .lnk, .pif, .scr, .bat and so on
  • If you think the file is legitimate, check whether the contact details match the original source
  • Don’t give personal or sensitive information by email. Remember, no legitimate source will ask for information through emails
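The attachment filter and the list of risky extensions mentioned in the precautions above can be combined into a small check that runs over a raw email message. This is an added example, not part of the original article; the function names, addresses and sample message are constructed, and the extension list is the one given above.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions named in the precautions above.
BLOCKED_EXTENSIONS = {".exe", ".vbs", ".lnk", ".pif", ".scr", ".bat"}


def blocked_attachments(raw_message):
    """Return (filename, reason) for every part whose name ends in a
    blocked extension. raw_message is the message as bytes."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():          # walk() also reaches nested parts
        name = part.get_filename()
        if not name:
            continue                 # body text or a part without a file name
        stem, ext = os.path.splitext(name.strip().lower())
        if ext not in BLOCKED_EXTENSIONS:
            continue
        # A harmless-looking extension in front of the real one
        # (e.g. ".pdf.exe") is reported separately so it stands out.
        inner_ext = os.path.splitext(stem)[1]
        reason = "double extension" if inner_ext else "blocked extension"
        findings.append((name, reason))
    return findings


def build_sample_message():
    """Constructed sample message with three attachments."""
    msg = EmailMessage()
    msg["From"] = "billing@supplier.example"
    msg["To"] = "owner@smallbiz.example"
    msg["Subject"] = "Invoice attached"
    msg.set_content("Please see the attached invoice.")
    for filename in ("report.pdf", "invoice.pdf.exe", "setup.bat"):
        msg.add_attachment(
            b"constructed placeholder bytes",
            maintype="application",
            subtype="octet-stream",
            filename=filename,
        )
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reason in blocked_attachments(build_sample_message()):
        print(f"BLOCK {name}: {reason}")
```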

Small businesses are a common target of cyber criminals, as they often give the least attention to matters of this kind. Use your email sensibly and safeguard your business.

How safe are you browsing with Firefox?

Mozilla Firefox is a popular browser used by millions of Internet users all around the world. The coolest feature of Mozilla Firefox is that it lets you add more and more plugins and equip yourself for advanced browsing.

However, we need to update our plugins as soon as a new version is available. Plugin updates not only bring new features, but also address security vulnerabilities that expose you to threats during browsing. Many people ignore updates because it takes a little time (a matter of no more than 2 minutes) for the plugin to update and the browser to restart. This increases their exposure to online security threats like malware, viruses, botnets, etc.

How to check if your plugin is up-to-date? Just click here or copy paste this URL in your browser

The window that opens will let you know the status of your plugin.

  • Green indicates that your plugin is up-to-date.
  • Yellow indicates outdated but without known vulnerabilities.
  • Red indicates that the plugin is known to have security holes and is outdated.
  • Don’t worry about the Grey colored plugin.

Update your plugin frequently for safe and better browsing.

Should I Migrate to Windows 7?

Windows 7 OS is scheduled to be available to the public market in just over a month. There are many doubts and apprehensions about the capability of this OS as its earlier version Vista is a failure. It seems Microsoft has given enough weight this time to what the Windows users really wanted – a simpler and friendly OS. Windows 7 has some novel features while improving the older ones. Moreover, some flop features in Vista are removed from Windows 7 to improve the performance.

There are advantages as well as disadvantages to opting for Windows 7. The following information may help you decide whether you really need to upgrade to Windows 7:

Reasons to switch to Windows 7

  1. Application compatibility can be achieved through “Windows XP mode”, which runs a virtual Windows XP machine.
  2. Windows Live Essentials: Free software that makes it possible to do more things like instant messaging, e-mail, photo editing, and blogging.
  3. Improved search performance, as results come up instantly, categorized in groups. Moreover, key words are highlighted, enabling easy file identification.
  4. Supports 64-bit PCs, which can handle larger amounts of information than a 32-bit system.
  5. Power management is handled efficiently by new features such as running fewer background activities, automatic screen dimming, powering down unused ports and a battery life indicator.
  6. Multi-touch technology allows you to use more than one finger while operating the touch screen, either at application level or system level.
  7. Protect files with features such as “Use Bit Locker” and “Bit Locker To Go”.
  8. Continuous access to corporate resources with a broadband connection. No need to get a VPN (Virtual Private Network) connection.
  9. The “Domain Join” feature allows you to connect multiple PCs, with or without a server.
  10. Supports 35 languages. You can easily switch among them by logging off and logging on again. Moreover, it supports handwriting recognition.
  11. System startup, shutdown and resume are faster.
  12. The appearance of the desktop has improved, with fresh wallpapers, a retooled task bar and improved gadgets.
  13. Easy data sharing between two or more PCs by using the “Share with” option.
  14. Windows 7 can read hard drives larger than 131 GB (unfragmented).
  15. Upgrading from Vista to Windows 7 gives 223% better performance while running IE8.
  16. In Action Center you can find the information you need regarding system maintenance, troubleshooting, security issues etc.

Reasons to avoid Windows 7

  1. Older PCs don’t have the hardware compatibility needed for ‘Windows XP mode’.
  2. Windows 7 provides less battery life on notebooks than Windows XP.
  3. You need to do a clean install if you want to upgrade from XP to Windows 7.
  4. If you’re an XP user you need to learn a new user interface.
  5. Runs the browser 11.5% slower than Windows XP.
  6. Requires high configuration like Vista.
  7. Very expensive to buy.

Comparison of System Requirements:

| Requirement | Windows 7 | Vista | Windows XP |
|---|---|---|---|
| Processor | 1 GHz 32-bit (x86) or 64-bit (x64) processor | 1 GHz 32-bit (x86) or 64-bit (x64) processor | 223MHz CPU |
| RAM | 1GB (32-bit) / 2GB (64-bit) | At least 1GB | 128MB |
| Available disk space for OS installation | 16GB (32-bit) / 20GB (64-bit) | 15GB | 1.5GB |

These descriptions and features will help you learn the ins and outs of Windows 7. Windows 7 has fixes for the drawbacks in Vista, and it is desirable to move to the new OS. XP users may need to think twice before moving to Windows 7. Ultimately it is for you to decide based on your computer usage and requirements.



Protecting Yourself Online with Strong Passwords

The concept of having a password for any system is similar to having a key for a home. The key is essential in order to lock the home and protect personal belongings from others who are not authenticated or welcome to enter. Today, due to globalization and the Internet revolution, a person may have several online properties or accounts that are as important as the property physically existing at home. These may be e-mail, portals, website subscriptions, network servers, databases, online banking accounts, credit cards, etc. Strong passwords for these give you a secure and strong lock, just like the lock on a home.

Most people who are new to the online world lack knowledge of how to set up a strong password for their online accounts. But with cyber crime increasing, passwords can easily be traced. And the results can be as terrible as the attack on Microsoft’s Hotmail and other web-based email services. A recent survey on these missing passwords revealed that many of the accounts had easy-to-guess passwords and the most frequently used password among these was “123456”.

Some general methods that attackers use for identifying a victim’s password include:

  • Guessing—The attacker tries to log on using the user’s account repeatedly by guessing probable or expected words and phrases like their children’s names, their birth city, and local sports teams.
  • Online Dictionary Attack—The attacker utilizes an automated program together with a text file of many words. The program repeatedly tries to log on to the target system, testing a different word from the text file on each attempt.
  • Offline Dictionary Attack—This is similar to the online dictionary attack, but the attacker extracts a copy of the file in which the hashed or encrypted copies of user accounts and passwords are saved, and runs an automated program to find out what password is used for each account. This type of attack can be finished very quickly if the attacker gains a copy of the password file.
  • Offline Brute Force Attack—This is a modified form of the dictionary attacks, and designed to discover passwords, which are not present or available in the text file used in those attacks. Even though a brute (very strong) force attack can be tried online, because of network bandwidth and latency they are generally attempted offline utilizing a copy of the target system’s password file. In a brute force attack, the attacker utilizes an automated program, which produces hashes or encrypted values for all possible passwords and analyzes them with the values in the password file.

Microsoft suggests that the use of strong passwords can slow or sometimes break the various attack methods. This shows the importance of having a strong password.

Creating a Strong password:

Passwords are case-sensitive and may be as long as 127 characters. A strong password:

  • Should never contain the user name.
  • Should be a minimum of eight characters long.
  • Must include both lower case and uppercase letters (a minimum of one from each group is suggested).
  • Should contain a minimum of one number (0 to 9).
  • Should contain at least one symbol. (E.g.: *, ^, $, #)

A string that has all the above characteristics is known as a strong password. A complex password should not be something that is difficult to remember. Forgetting a strong or complex password that is difficult to remember is as harmful as getting attacked because of a weak password.

The password created must be easy to remember but difficult for anybody to guess. It can also be a favorite phrase or quotation or a mixture of two words. Substitutes for letters can also be used to satisfy the above criteria for a strong password. For example, ‘a’ in a password can be substituted with ‘@’; similarly ‘i’ can be replaced with ‘!’, and ‘o’ with ‘0’ or ‘()’.
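The rules listed above can be turned into a checker, shown here as an added example that is not part of the original article. It goes one step beyond the five rules: it undoes the letter substitutions just described and compares the result with a small deny-list, since a common word with symbols swapped in still passes all five rules. The deny-list, function names and sample passwords are constructed; “123456” is the password the survey above found most often.

```python
import string

MIN_LENGTH = 8      # minimum length from the rules above
MAX_LENGTH = 127    # maximum length stated above

# Constructed sample deny-list of common passwords and words.
COMMON_WORDS = {"123456", "password", "welcome", "letmein"}

# The substitutions described above, reversed ("()" before single symbols).
UNSUBSTITUTE = [("()", "o"), ("@", "a"), ("!", "i"), ("0", "o")]


def base_word(password):
    """Undo the letter substitutions and keep only the letters."""
    text = password.lower()
    for symbol, letter in UNSUBSTITUTE:
        text = text.replace(symbol, letter)
    return "".join(ch for ch in text if ch.isalpha())


def check_password(password, username):
    """Return a list of problem codes; an empty list means every rule passed."""
    problems = []
    if username and username.lower() in password.lower():
        problems.append("contains_username")
    if not MIN_LENGTH <= len(password) <= MAX_LENGTH:
        problems.append("length")
    if not any(ch.islower() for ch in password):
        problems.append("no_lowercase")
    if not any(ch.isupper() for ch in password):
        problems.append("no_uppercase")
    if not any(ch.isdigit() for ch in password):
        problems.append("no_digit")
    if not any(ch in string.punctuation for ch in password):
        problems.append("no_symbol")
    # Added check: the password itself, or the word left after undoing
    # the substitutions, is on the deny-list.
    if password.lower() in COMMON_WORDS or base_word(password) in COMMON_WORDS:
        problems.append("common_word")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords for a user named "asha".
    for candidate in ("123456", "P@ssw0rd#1", "Asha#2011x", "Tr33-House!Lamp"):
        print(candidate, "->", check_password(candidate, "asha") or "ok")
```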

It is good practice to change the password periodically, for example monthly or quarterly.

How to Make Secure Settings for Facebook User Profile Page?

Displaying the information that helps your friends find you online is just as important as limiting the visibility of more personal information, which lets hackers hack your page quite easily. The following are a few tips that help you make your Facebook profile page more secure.

Regardless of all the privacy settings you make for your profile, there are a few things that cannot be hidden by any user; that is, they will be displayed for every profile. Facebook calls these Publicly Available Information (PAI), which includes full name, profile picture, gender, and networks. These things are visible to any Facebook user.

However, you can reduce the visibility of the remaining information by making the necessary settings. Let us see how to choose the options that make your profile more secure.

  • It is always better to use a full name that is hard for others to guess but easy for friends to recognize. It also limits the search results related to your usual name. Coming to the settings, ‘Search for me on facebook’ lets you choose the people who can search for you. It is better to go for ‘Friends only’ if you want to limit yourself to your friends.
  • ‘Send me friend request’ – this option doesn’t make much difference, because unless you accept that person’s request they cannot view your information. So, choose ‘any/every one’ or ‘friends of friends’, since the final decision rests with you.
  • ‘Send me a message’, ‘See my friends list’, ‘See my education and work’, ‘See my interests and other pages’ – reserve these rights only for your friends by choosing ‘Friends only’ in order to make your information more secure.
  • Finally, ‘see my current city and home town’ – it is better to choose ‘only me’, or not to enter that info at all.

These are a few recommendations that can help you secure your account.

The Update Burden Getting Too Much on Computer Users

We have already emphasized the importance of regular updates for computers in our previous articles. However, in the past few months the number of updates has been growing oddly burdensome to the average user. The number has grown to such an extent that keeping up with the updates is turning into a second job. Patch Tuesday is no longer significant, as you may expect a critical security update released at midnight tonight or a set of updates the next day, giving you no time to plan. If you miss them you might fall prey to a security breach – and the software vendor will simply point out your failure to stay updated.

The software vulnerability and the updates
The updates are too technical to understand. But in simple words – software, like Windows or the browser, is made of millions of lines of programming code. The more features in the software, the more it adds up to in programming code. Errors are inevitably made while typing out these millions of lines or patching them to work together, thus leaving vulnerabilities in the software. Hackers, these days, have become more sophisticated in finding these vulnerabilities proactively. The software vendor also works proactively to patch the vulnerability before the hacker exploits it. These patches are released as security updates for the software.

Increasing number of updates
For lack of a better metric, let’s compare the number of security bulletins released for Windows between January and April in each of the past 3 years. It was 16 in 2009, 29 in 2010 and 34 in 2011. As you can see, they kept increasing every year. This is not the case with just Windows. A typical Windows user will commonly be using the following applications:

  • Mozilla Firefox
  • Mozilla Thunderbird
  • Adobe Flash
  • Adobe Reader
  • Java Console
  • Google Chrome
  • And then an antivirus or a PC protection software

And all these applications are as vulnerable as the Windows itself. And their vendors are also as proactive to release patches. And every time each of them releases an update the user will have to first download it from Internet and then patch it up with the main application. Of course each of them has a user friendly mechanism to update, but do you know what it takes to patch them all? Apart from time taken to patch, they will also consume your broadband till they are downloaded and the CPU memory till they patch up. The average sizes of each of these software updates and the number of times they were released this year are as follows:

  • Mozilla Firefox – 1.6 to 2.8 Mb (Updated 4 times in 2011 till date)
  • Mozilla Thunderbird – 1.6 to 2.8 Mb (Updated 3 times in 2011 till date)
  • Adobe Flash – 2.0 to 3.0 Mb (Updated 4 times in 2011 till date)
  • Adobe Reader – 10.0 to 18.0 Mb (Updated 1 time in 2011 till date)
  • Java Console – 17.0 Mb approximately (Updated 2 times in 2011 till date)

Windows updates range from 17 Mb to around 900 Mb and above. Google Chrome is a little tricky to measure. It is even a little creepy to have an application like Chrome that connects to its maker, downloads and patches itself – all by itself, without even the knowledge of the user. But it still consumes your broadband and CPU memory.

The antivirus or PC protection software updates are a little different from the above. They download security definitions every day. A few vendors, like Norton Internet Security, provide real-time updates which update more than 10 times a day. However, if all the software applications installed on your PC were perfect, why would one need to maintain PC protection software or update its definitions daily?

Overall, we can see that a lot of the user’s time and energy is consumed here, apart from the broadband. In the previous year, a report released by Secunia said that a typical Windows user patches every 5 days. The days might remain the same, but the amount of time taken has definitely increased. At times, multiple updates may come up within a single week.

More and more people are finding it uncomfortable to track and do the updates continuously. Where could be the actual problem? Are the hackers getting intelligent or the software vendors getting stupid? Whatever it may be, the updates job is very exhausting and getting even worse.