A fascinating — and horrifying — new article in The New York Times offers the lowdown on “zombie computers,” the half-a-million-or-so machines that are converted, assembled into systems called “botnets” and forced to do a shadowy figure’s bidding, namely in the form of automated programs that send the majority of e-mail spam, illegally seek financial information and install malicious software on still more PCs.
In 2003 and 2004 Microsoft was deeply shaken by a succession of malicious software worm programs with names like “Blaster” and “Sasser”, that raced through the Internet, sowing chaos within corporations and among home computer users. Blaster was a personal affront to the software firm that has long prided itself on its technology prowess. The program contained a hidden message mocking Microsoft’s co-founder: “billy gates why do you make this possible? Stop making money and fix your software!!” The company maintains that its current software is less vulnerable, but even as it fixed some problems, the threat to the world’s computers has become far greater. Mr. Campana said that there had been ups and downs in the fight against a new kind of criminal who could hide virtually anywhere in the world and strike with devilish cleverness. “I come in every morning, and I think we’re making progress,” he said. At the same time, he said, botnets are not going to go away any time soon. “There are a lot of very smart people doing very bad things,” he said.
So what’s a user to do?
First, take Microsoft’s Malicious Software Removal Tool out for a ride. Then make sure your firewall is up and you’re up to date with all security patches.
Then pray. Because these zombies are hard to find, much less kill. Just last week, Secunia, a computer security firm, tested a dozen leading PC security suites and found that the best one detected only 64 out of 300 software vulnerabilities.