Understanding Hidden Threats: Rootkits and Botnets


What are rootkits and botnets?

A rootkit is a piece of software that can be installed and hidden on your computer without your knowledge. It may be included in a larger software package or installed by an attacker who has been able to take advantage of a vulnerability on your computer or has convinced you to download it (see Avoiding Social Engineering and Phishing Attacks for more information). Rootkits are not necessarily malicious, but they may hide malicious activities. Attackers may be able to access information, monitor your actions, modify programs, or perform other functions on your computer without being detected.

Botnet is a term derived from the idea of bot networks. In its most basic form, a bot is simply an automated computer program, or robot. In the context of botnets, bots refer to computers that are able to be controlled by one, or many, outside sources. An attacker usually gains control by infecting the computers with a virus or other malicious code that gives the attacker access. Your computer may be part of a botnet even though it appears to be operating normally. Botnets are often used to conduct a range of activities, from distributing spam and viruses to conducting denial-of-service attacks (see Understanding Denial-of-Service Attacks for more information).

Why are they considered threats?

The main problem with both rootkits and botnets is that they are hidden. Although botnets are not hidden the same way rootkits are, they may be undetected unless you are specifically looking for certain activity. If a rootkit has been installed, you may not be aware that your computer has been compromised, and traditional anti-virus software may not be able to detect the malicious programs. Attackers are also creating more sophisticated programs that update themselves so that they are even harder to detect.

Attackers can use rootkits and botnets to access and modify personal information, attack other computers, and commit other crimes, all while remaining undetected. By using multiple computers, attackers increase the range and impact of their crimes. Because each computer in a botnet can be programmed to execute the same command, an attacker can have each of them scanning multiple computers for vulnerabilities, monitoring online activity, or collecting the information entered in online forms.

What can you do to protect yourself?

If you practice good security habits, you may reduce the risk that your computer will be compromised:

  • Use and maintain anti-virus software – Anti-virus software recognizes and protects your computer against most known viruses, so you may be able to detect and remove the virus before it can do any damage (see Understanding Anti-Virus Software for more information). Because attackers are continually writing new viruses, it is important to keep your definitions up to date. Some anti-virus vendors also offer anti-rootkit software.
  • Install a firewall – Firewalls may be able to prevent some types of infection by blocking malicious traffic before it can enter your computer and limiting the traffic you send (see Understanding Firewalls for more information). Some operating systems actually include a firewall, but you need to make sure it is enabled.
  • Use good passwords – Select passwords that will be difficult for attackers to guess, and use different passwords for different programs and devices (see Choosing and Protecting Passwords for more information). Do not choose options that allow your computer to remember your passwords.
  • Keep software up to date – Install software patches so that attackers can’t take advantage of known problems or vulnerabilities (see Understanding Patches for more information). Many operating systems offer automatic updates. If this option is available, you should enable it.
  • Follow good security practices – Take appropriate precautions when using email and web browsers to reduce the risk that your actions will trigger an infection (see other US-CERT security tips for more information).

Unfortunately, if there is a rootkit on your computer or an attacker is using your computer in a botnet, you may not know it. Even if you do discover that you are a victim, it is difficult for the average user to effectively recover. The attacker may have modified files on your computer, so simply removing the malicious files may not solve the problem, and you may not be able to safely trust a prior version of a file. If you believe that you are a victim, consider contacting a trained system administrator.

As an alternative, some vendors are developing products and tools that may remove a rootkit from your computer. If the software cannot locate and remove the infection, you may need to reinstall your operating system, usually with a system restore disk that is often supplied with a new computer. Note that reinstalling or restoring the operating system typically erases all of your files and any additional software that you have installed on your computer. Also, the infection may be located at such a deep level that it cannot be removed by simply reinstalling or restoring the operating system.

If you have problems with your computer as identified above, and live in the north Columbus and Lewis Center, Ohio area, please contact Kullberg Designs for assistance.  With over 20 years of computer experience, we can assist in identifying and removing viruses, Trojans, malware and other malicious attacks on your computer or laptop (Windows Operating Systems only.)  For details,  access our Computer Rescue Services.  Note: This is a local service available in North Columbus and Lewis Center, Ohio area only.

Source:  Author – Mindy McDowell, US-Cert; Department  of Homeland Security

Sales Through Social Media On The Rise

For years now, marketers have reported their greatest social media frustration as tracking sales through to social media efforts.

A Facebook post or YouTube video might play a part in a sale at some point, but a phone call, filling out a form and other steps typically get the credit for moving potential consumers down the funnel. These steps are closer to the conversion. This difficulty giving social presence any sales credit prompted marketers to switch their social metrics from direct sales to the more amorphous metrics of brand awareness and buzz.

New research, however, indicates that social media may finally be directly delivering the paying customers vendors have longed for.

Internet Retailer’s “2015 Social Media 500,” a study of 500 leading merchants’ use of social media, reveals that retailers’ increased efforts to build social media audiences (follower numbers were up an average of 33% on Facebook from 2013 to 2014) are paying off.

In 2014, total social commerce sales that could be tracked to social networks hit $3.30 billion, up 26% from 2013’s $2.62 billion, which is quite a leap. The study also revealed that overall traffic to retailer websites originating from social networks ticked up 7%. Could these increases be the long-awaited indicators that social selling will finally take off?

A positive trend in social selling has been echoed by other reputable studies. According to leading statistics provider Statista, by the end of 2015, social selling will amount to $30 billion worldwide, a 50% increase over 2014’s $20 billion. (Keep in mind that the Internet Retailer study above gauged only 500 selected retailers, not the entire market, hence the difference between $3 billion and $30 billion.)

Key Takeaways: Many marketers will remember the early 2000s when doubt and suspicion surrounded online Christmas shopping. When online gift sales accounted for 5% of all sales, headlines like “Can It Last?” and “Trend or Here to Stay?” abounded.

Fast-forward to Christmas 2014 and Internet sites are the number-one place consumers go to buy gifts. Discount department stores like Walmart were a close second. Could social selling follow a similar trajectory?

If it’s just a matter of work, social selling could get a solid foothold worldwide.

Twitter, Facebook and Pinterest (and even Amazon.com) are busy developing buy-type buttons and promotions to help marketers track sales directly to the platform. Pinterest is already gaining traction as an ad platform with its rollout of promoted pin native ads. Provable ROI for social media will mean more budget attributed to it. Networks design these buy buttons to reduce the steps it takes for website visitors to buy items from the store.

Social platforms are clearly aiming for revenue that isn’t only ad-based. Does that mean social media will become more like an affiliate, taking a small portion of every sale they send to a vendor?

Also, some experts warn that social media’s primary role as a relationship facilitator will be damaged if too much commerce comes in. Most likely, consumers will vote on the compatibility of shopping and social media with their dollars.  Read more…

Source:   Except from Social Media Marketing Trends Gaining Traction in 2015: New Research.  About the Author, Suzanne Delzio.  Suzanne Delzio is the director of Informed Web Content, which helps small and medium-sized businesses build authority, traffic and reach with search-engine-optimized blog posts, web pages & email newsletters.

Mobile Compatibility Cause for Rush

It’s been a busy several months creating mobile sites to compliment my client’s desktop versions. Why the rush?  Seems as if Google has caused a panic with their new ranking requirements based on whether a website is ‘mobile compatible’.

Since I use adaptive web design instead of responsive, I create mobile sites that are actually made FOR mobile devices. There are arguments on which is best (adaptive vs responsive), but both have the positive and negatives. Personally, I prefer adaptive at this point since it offers a wider palette of design and add-on options, plus text is easier to read and navigate.  As in the examples below, you’ll notice the mobile phone websites are different than the desktop.

OhioSeniorCitizens-501 If the person accessing the website is using a tablet or desktop, then they are presented with a regular website. But if they access via their mobile phone, the website auto-detects their device and switches to the mobile version. What is nice about adaptive websites is mobile devices are slow in loading images, and users can be charge bandwidth fees. So by offering a ‘mobile compatible’ version with small images or add-on’s that require specific operating systems, the experience is more positive for the user.  And since both versions are HTML5 and CSS compatible, this eliminates issues with operating systems (Windows, Apple, Android, etc.)

transformare-501In the example of Transformare, colors and designs are carried throughout both the desktop and mobile versions.  But faster response time is a real and important consideration which was utilized throughout the mobile version.  I included their live Facebook feed on the mobile, plus rotating panels and other features found on the desktop version.  As with all my mobile versions, I create a unique homepage with featured navigation and other important information. On the other pages, the menu is a clickable ‘drop-down’ navigation to save space and provide unity and easy-of-use throughout.

tarantos-502One of my favorite websites I created and maintain is for Taranto’s Pizzeria, based in Lewis Center, OH.  A family owned business, it is a continuous pleasure to update the site with new events, coupons, and announcements.   I’ve linked 3rd party programs such as an online ordering and perks program to give visitors the ultimate experience for ordering their favorite menu items, or just browsing the site with pictures and announcement in and around the pizzeria.

What are you website needs?  Are you are looking for someone to take your business vision and translate it to the web? Then I can help.  Do you need someone who can also help set up  (or jump start) your business or organization on Social Media, then I’m here to help. Look…I’m not interested in being the biggest website creation business or create the most website.  I like to do one project at a time, and do it at a very affordable and fair price. Based on the last several projects I did, I was more than HALF the price of my competitors.

For further discussion of my projects, and examples of my work and testimonials, please visit my website at www.unicomsvcs.com.  If you want to talk about your website needs, just let me know.   All my contact information is on my website, or select the ABOUT US option my the Menu option on this blog.  Thanks for looking!