In association with heise online

13 February 2007, 15:36

Online computers are attacked every 39 seconds

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A study conducted by researchers at the University of Maryland found that computers connected to the Internet are attacked, on average, every 39 seconds . As Michel Cukier, who directed the study for the Center for Risk and Reliability, put it, "Our data provides quantifiable evidence that attacks are happening all the time to computers with Internet connections." On average, the computers in the study were attacked 2,244 times a day.

Cukier and two students studied attempted attacks on four Linux computers with low security settings. Cukier explained that "Most attacks were done by means of automated scripts that search through thousands of computers at a time to find vulnerabilities". Often, dictionary scripts containing lists of common usernames and passwords are used in such attacks in order to gain access to computers.

The most common user name is "roots", which is 12 times as common as "admin" in second place. Cukier and his colleagues also discovered that the password is the same as the user name 43 percent of the time. In addition, passwords are often only the username with a number behind it such as "123" or "1234".

If the attack was successful, the attackers generally inspected the software configuration on the computer and changed it so that they could install their own malicious software. Often, the attackers set up back doors to connect a bot network to the hijacked computers; bot networks allow other operations to be performed.

Unsurprisingly, Cukier concludes that users would greatly benefit by simply taking the time to select a proper login name and password. Last September, Symantec reported in its "Internet Threat Report" that most attacks (86 per cent) are made on home users, not on enterprise networks.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit