A zombie epidemic might be an interesting topic for a movie, but the likelihood of a genuine zombie plague on humankind is probably very low. In the world of computers and network information systems, however, zombies are a very scary reality in the form of automated bots that maintain a constant attack and siege against one or more chosen targets.
More than 40% of all cyber attack targets are small businesses. As the sophistication of automated cyber attack bots grows, that percentage will likely increase. Small businesses should be especially watchful for the following four automated bot attacks and, when they are able to detect an attack, should implement corrective actions as quickly as possible.
1. The Automated Burst Bot Attack
Unlike targeted hack attacks that can result in a one-time loss of a trove of data, automated burst bot attacks continue at random intervals over the course of a day or more. These attacks stymie a tech team’s ability to keep a network online and can lead to sustained downtime and steady data losses. At present, the best strategy may be to elevate awareness of this type of attack and to install backup and other systems that can get a network back online as quickly as possible after the attack is under control.
2. Distributed Denial of Service (DDoS) Attacks
With a DDoS attack, a single hacker inserts an army of automated zombie bots into the domain name zone file of a server, and then directs those bots to issue an endless number of DNS requests to a targeted name server. The name server inevitably freezes up or crashes in the wake of the tens or hundreds of thousands of simultaneous requests it receives. DDoS attacks are gaining in popularity in the hacker’s toolkit because the hacker can insert the bots into any Internet of Things (IoT) devices that have their own IP addresses. The tech team that manages the targeted server will not be able to pinpoint a single source of the DNS requests because they originate from multiple devices. Possible responses include setting up servers and backups that can handle the volume of requests, regular testing that mimics DDoS attacks, establishing response protocols, and maintaining awareness of the signs of an attack.
3. Watering Hole Attacks
Hackers set up watering hole attack bots to linger at websites that are frequented by an organization’s employees. Those websites are easily identified with online tools such as AddThis and KISSMetrics. When an employee visits the infected site, malware scans the employee’s device for vulnerabilities that the hacker then exploits to access an organization’s network. Companies can defend against these attacks with tracking services that monitor employee activity and alert the organization to frequently-visited websites. They can also use plugins that block redirects which might shift an employee’s website surfing to an infected site, and adopt policies to update internal software to protect against these attacks.
4. Shellshock Attacks
Shellshock attacks are more of an automated precursor to other forms of attacks. This attack relies on a vulnerability in systems that run Linux, Unix, or OS X. That vulnerability allows an automated bot to insert malware into a system, which the hacker then uses to compromise data or to hijack the system to launch DDoS attacks. Networks that run under these operating systems should be monitored and repaired if this vulnerability is present. Firewalls and antivirus protections will also add to a system’s defenses against Shellshock attacks.
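As an added example (not part of the original article), one way to do the monitoring described above is to scan web server access logs for the Bash function-definition prefix `() {` that Shellshock probes place in request fields. The combined log format, the sample lines and the function names here are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Shellshock is a flaw in the Bash shell: values that start with a function
# definition "() {" get parsed as code. Spacing between the tokens varies.
FUNC_DEF = re.compile(r"\(\s*\)\s*\{")

# Assumed "combined" access log format:
# ip ident user [time] "request" status size "referer" "user-agent"
QUOTED = r'(?:[^"\\]|\\.)*'
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>' + QUOTED + r')" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>' + QUOTED + r')" "(?P<agent>' + QUOTED + r')"$'
)

# Constructed sample lines (documentation IP ranges, placeholder payloads).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [12/Mar/2024:10:01:05 +0000] "GET /cgi-bin/status HTTP/1.1" 200 87 "-" "() { :; }; PLACEHOLDER"',
    '198.51.100.23 - - [12/Mar/2024:10:01:06 +0000] "GET /cgi-bin/test HTTP/1.1" 404 0 "() {  :;}; PLACEHOLDER" "curl/7.0"',
    'garbled line with () { inside it',
    '192.0.2.44 - - [12/Mar/2024:10:02:00 +0000] "GET /search?q=f() HTTP/1.1" 200 90 "-" "Mozilla/5.0"',
]

def find_probes(lines):
    """Return one record per log line that carries the "() {" prefix."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = LOG_LINE.match(line.rstrip("\n"))
        if match is None:
            # Malformed lines are still checked so a probe cannot hide in them.
            if FUNC_DEF.search(line):
                hits.append({"line": number, "ip": None, "status": None, "fields": ["raw"]})
            continue
        fields = [f for f in ("request", "referer", "agent") if FUNC_DEF.search(match.group(f))]
        if fields:
            # The status is kept for triage; a 200 alone does not prove compromise.
            hits.append({"line": number, "ip": match.group("ip"),
                         "status": int(match.group("status")), "fields": fields})
    return hits

def sources(hits):
    """Count probe lines per source address, skipping unparsed lines."""
    return Counter(h["ip"] for h in hits if h["ip"])

if __name__ == "__main__":
    for hit in find_probes(SAMPLE_LOG):
        print(hit)
```

A hit means a host was probed, not that it was vulnerable; hosts that receive such requests are the ones to check and patch first.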
Defenses against these and other automated bot attacks are becoming mandatory for every small business. Even the best defenses, however, will not stop or prevent every attack. Because of this, small businesses should insure against losses with a cyber protection policy that reimburses them for direct and third-party losses that flow from a successful cyber attack. Every small business is a potential target for one of these attacks, and cyber insurance is the final protective step that those businesses can take to recover from those losses.