The hospital's computer network was disrupted by
the botnet infection.
Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have reminded
organizations of the threat posed by malware designed to create
zombie networks as a hacker admitted infecting 50,000
computers.
20-year-old Christopher Maxwell, from Vacaville, California, has
pleaded guilty to charges that he launched an attack in January
2005 which struck hard at Northwest Hospital and Medical Center in
north Seattle. The attack is said to have shut down computers in
the facility's intensive care unit and prevented doctors' pagers
from working properly.
Maxwell caused more than $135,000 worth of damage by infecting
Department of Defense computers, as well as those belonging to the
hospital, when he and two juveniles unleashed malware designed to
install adware on affected PCs. The three are said to have been
paid more than $100,000 through the resulting advertising
commission revenue.
"Creating a zombie network, or botnet, isn't a harmless game. In
this case a hospital network was affected, and patients' welfare
could have been put at risk through the stupidity of the hackers.
The American authorities should be congratulated for bringing
another offender to justice," said Graham Cluley, senior
technology consultant for Sophos. "All organizations need to put in
place proper protection to ensure their computers are not part of a
botnet. Every PC should be properly defended by up-to-date
anti-virus software, firewalls, and the latest security
patches."
Investigators discovered that Maxwell's botnet had also damaged
US military computer systems at the Headquarters 5th Signal
Command in Mannheim, Germany, and at the Directorate of Information
Management in Fort Carson, Colorado.
Maxwell, who pleaded guilty to committing computer fraud and
intentionally damaging a protected computer, could face a prison
sentence and a fine of more than $250,000, according to the office
of the US Attorney. Sentencing is scheduled for 4 August 2006.
Zombie computers - are your PCs under someone else's
control?
Zombie computers can be used by criminal hackers to launch
distributed denial-of-service attacks, spread spam messages or
steal confidential information.
As spammers become more aggressive, collaborating with virus
writers to create armies of zombie computers, legitimate
organizations with hijacked computers are being identified as a
source of spam. This not only harms the company's reputation, but
can also cause the business's email to be blocked by others.
Sophos ZombieAlert™
advises service subscribers when any computer on their network is
found to have sent spam to Sophos's extensive global network of
spam traps, and provides rapid notification to customers if their
Internet Protocol (IP) addresses are listed in public Domain Name
Server Block Lists (DNSBL). This information helps customers
locate, disinfect, and protect these systems from future
attacks.
Sophos recommends that computer users ensure their anti-virus
software is up-to-date, and that companies protect themselves with
a consolidated solution which can defend
them from the threats of spam, spyware and viruses.