Episode #04 – How to Know if You’ve Been Hacked
It seems like every day now we see a new headline about a cybersecurity breach. These headlines usually involve millions of records being stolen from some large financial institution or retailer. What doesn’t reach the headlines are the many individual breaches that happen millions of times a day, all over the world. How can I tell if my system has already been hacked?
The answer to that question is not simple. Hacker software has become so sophisticated that it is often hard to detect once it has become embedded in your system. Although antivirus/anti-malware software can often be effective in keeping your system from being infected, in many cases, once it has become infected, the software can’t detect or remove the infection.
The reason for this is that the best malware embeds itself in your system files and looks and acts like one of your key Windows system files. Often, it will replace a system file with itself, keeping the same file name and functionality, but adding its own functionality. In this way, it looks and acts like the system file that your operating system needs to function properly, except that the additional functionality gives a remote hacker access to your system and its resources at will.
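Because a replaced file keeps its name, a check has to look at the file's contents rather than its name. The following is an added example, not part of the original episode: it records a SHA-256 baseline of a folder while it is known to be clean and later reports any file whose contents differ. The folder, file contents and function names are constructed stand-ins, not real Windows files or tools.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash file contents in chunks so large binaries do not fill memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(root: Path) -> dict:
    """Map each file's relative path to its SHA-256 (run while known clean)."""
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare(root: Path, baseline: dict) -> dict:
    """Report files whose contents changed, that vanished, or that are new."""
    current = build_baseline(root)
    return {
        "modified": sorted(n for n in baseline if n in current and current[n] != baseline[n]),
        "missing": sorted(n for n in baseline if n not in current),
        "added": sorted(n for n in current if n not in baseline),
    }


def demo() -> dict:
    """Constructed sample: a temporary stand-in folder, not a real system directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        target = root / "svchost.exe"
        original = b"ORIGINAL-SERVICE-HOST-CODE"
        target.write_bytes(original)
        (root / "kernel32.dll").write_bytes(b"ORIGINAL-LIBRARY-CODE")
        baseline = build_baseline(root)
        # Simulate the replacement described above: same name, same length, new bytes.
        replaced = b"REPLACED-SERVICE-HOST-CODE"
        target.write_bytes(replaced)
        same = target.name == "svchost.exe" and len(replaced) == len(original)
        return {"same_name_and_size": same, **compare(root, baseline)}


if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it was taken before any infection and is stored somewhere the malware cannot rewrite it, such as removable or read-only media.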
Why Hackers Want the Use of Your Computer
Although we are familiar with the idea that hackers might be seeking our credit card numbers, bank accounts, and identity, some hackers are simply seeking the use of your computer. By infecting thousands, even millions, of computers around the world, they can create what is called a “botnet.”
A botnet is simply a network of compromised computers controlled by a single command and control centre. I estimate that 30 to 50% of all consumer-level computers are part of one botnet or another.
This botnet can be used for many seemingly innocuous activities and many more malicious ones. Botnets can be used to send spam, crack passwords, conduct distributed denial of service (DDoS) attacks, etc. In all cases, they are using system resources that are then not available to you. As a result, you will likely notice your own system running sluggishly or erratically.
Let’s take a look at how we can detect if such a security breach has taken place on YOUR system.