Computer hijacking programs are becoming more sophisticated and powerful each year. This makes it vital for companies to protect their networks from being hacked and converted into “zombie” systems that could severely undermine business.

The wide and ever-expanding range of viruses, Trojans and malware programs that cyber criminals use to infiltrate computer systems means that maintaining a business’s cyber security is a full-time job. Recent trends in cyber crime, including a surge in computer hijacking and the development of an extremely powerful new tool for breaking into protected facilities, point to the need for increased computer vigilance — particularly in the industrial sector.

First uncovered in June, the Stuxnet virus is considered the world’s first “cyber superweapon.” It is an extremely powerful piece of malware that attacks programs used in critical business systems and production facilities. Perhaps most troubling, it’s specifically designed for targeting manufacturing processes.

“Stuxnet is feared by experts around the globe as it can break into computers that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like pumps, motors, alarms and valves,” Agence-France Presse reports. “It could, technically, make factory boilers explode, destroy gas pipelines or even cause a nuclear plant to malfunction.”

Although experts speculate that Stuxnet was likely built by a nation-state and may be intended to hinder Iran’s nuclear program, it has already infected millions of computers around the world, including networks in China, India, Pakistan and elsewhere. The level of sophistication displayed by this latest threat is a signal that industrial cyber security is more important now than ever before.

One of today’s major trends in computer security risks is malicious botnets, which are automated software programs that operate in background processes and are becoming increasingly popular among cyber criminals. Botnets can hijack a computer system without the owner’s knowledge and use it to collect sensitive data, host or distribute other malware and illegal files, send spam or link it to a network of other hijacked computers — effectively rendering it a “zombie” computer.

“Often comprised of tens of thousands of compromised machines, and designed to evade detection, the modern day botnet is the most sophisticated, stealthy and profitable component in a cybercriminal’s arsenal,” IT security journal SC Magazine explains. “[O]f increasing concern to organizations is the continued influx of targeted malware onto users’ machines designed to perpetrate identity theft and steal valuable company data. Experts suggest botnets will start getting smaller in scope, allowing for them to unleash more specific attacks on companies without running the risk of being flagged by industry and law enforcement.”

According to the latest Microsoft Security Intelligence Report, computer networks in the United States are at the highest risk of botnet attacks, with roughly 4.3 million computer systems cleaned of botnet infections in the first half of 2010 alone, not including the number that went undetected. The next highest infection rate was in Brazil, with roughly 1 million computers cleaned of botnets.

“In a globally connected society, users of infected computers not only put their own information at risk, but put other Internet users at risk too,” Adrienne Hall, the general manager of Microsoft Trustworthy Computing, said in an announcement of the findings. “Therefore, addressing the problem of cyber crime requires creativity, innovative thinking and collaboration to improve the health of all devices connected to the Internet.”

Fighting botnet infections can be challenging not because these programs are difficult to remove from a computer system, but because they are designed to avoid detection. This makes identifying a zombie computer is the most crucial step in stopping the threat.

According to the Zombie Awareness Month Computer Survival Guide from network security blog Fortinet, picking up clues from other people can be a useful way to determine if your computer has been hijacked by a botnet. For example, if your computer is automatically sending out unusual messages or video links to friends or coworkers, they can alert you about this suspicious activity.

“The very best defense… is common sense combined with a healthy dose of skepticism,” PCWorld explains. “User awareness is an IT administrator’s friend.”

Once a zombie infection has been spotted, it can be disabled by putting it into quarantine, ideally by disconnecting from the network, then running a virus with up-to-date software that can permanently delete the program.

Of course, a safer precaution is to prevent malicious programs from infiltrating your system in the first place. Computer security firm McAfee offers the following tips to help protect your computer from botnets, Trojans and other harmful cyber attacks:

• Employ strong and reputable security software that protects from a broad range of computer attacks;
• Use a secure internet service provider (ISP) with powerful anti-spam and anti-phishing processes;
• Enable automatic operating system updates or manually download the latest patches whenever available;
• Be cautious when opening attachments: avoid opening unsolicited attachments and make sure your e-mail program doesn’t automatically open them;
• Implement anti-virus protection for your cell phone, PDA and Wi-Fi devices, as these can also be attacked by malware;
• Make sure a website is legitimate through web security checks before visiting it;
• Obtain system recovery, or “snapshot,” software so you can revert to a previous state after a crash;

“While real-life zombies aren’t too bright or fast on their feet, zombie computers can be quite devious,” Fortinet adds. “Therefore, the best line of defense is to prevent infection in the first place; an initial infection can grow worse over time and, well, you know what happens. And nobody likes a zombie.”

Earlier

Cyber Crime Hits Businesses Through Social Media

Most Advanced Malware Ever Targets Manufacturing

Resources

Stuxnet ‘Cyber Superweapon’ Moves to China
Agence-France Presse, Sept. 30, 2010

Busting Bots: Defending Against Botnets
by Dan Kaplan
SC Magazine, Feb. 5, 2009

Security Intelligence Report
Microsoft, October 2010

In Pursuit of Cyber Crime
by Adrienne Hall
The Official Microsoft Blog, Oct. 13, 2010

The Zombie Awareness Month Computer Survival Guide
by Rick Popko
Fortinet, May 20, 2010

Don’t Let Your PC Join the Zombie Hordes
by Tony Bradley
PCWorld, May 31, 2010

Protecting Your Computer Against Threats and Attacks
McAfee, 2008