When a system administrator discovers a user's PC running slowly with 100% CPU utilization, it often indicates that the system is being used for unauthorized purposes, such as being part of a botnet attack. Here’s why:
Botnet attack: Botnets are networks of computers infected with malware and controlled by an attacker. These infected computers (bots) are often used to carry out tasks like sending spam or participating in Distributed Denial of Service (DDoS) attacks. The high CPU utilization and resource usage indicate that the computer might be performing tasks dictated by the botnet controller.
Firewall activities: While firewall activities can use some resources, they generally do not cause sustained high CPU utilization.
DDoS attack: DDoS attacks target external systems by overwhelming them with traffic. On a PC participating in a DDoS, the primary symptom would be high network activity, not necessarily high CPU usage.
Keylogger attack: Keyloggers record keystrokes and generally do not cause high CPU utilization. They are stealthier and have a minimal resource footprint.
[Reference: CompTIA A+ 220-1102 Exam Objectives, Section 2.4: Explain common social-engineering attacks, threats, and vulnerabilities; Security and malware documentation.]