Being online means you will be attacked by intruders
Real AudioIf your computer is connected to the Internet, especially by a broadband connection, it's being almost constantly probed by malicious hackers who are looking to enslave machines and use them to send spam, steal consumers' identities or launch "denial of service" attacks against computer networks.
That's the conclusion of an experiment conducted by tech marketing and design firm Avantgarde and USA Today newspaper. Security vendor Zone Labs, which makes firewall software, also contributed to the experiment.
Researchers connected six newer computers running different operating systems and security software to the 'Net, and watched what happened over two weeks.
Avantgarde's Marcus Colombano is booting up the Windows XP machine with no security updates. The machine is attacked in just 8 minutes.
COLOMBANO: We've just been attacked. So right now what it's doing is...it's fully infected. It's trying to find open doors on other machines. Now it's looking at hundreds of machines a minute. And it's using our Windows XP Service Pack 1 machine as the basis for that attack. (Gordon: So in essence this machine has sort of become that attacker?) It is the attacker now.
The "honeypot" computers, connected to the net through broadband DSL, included four Dells running different Windows XP configurations; an Apple Macintosh; and a machine running the open-source Linux operating system. The break-in attempts started almost immediately on all machines, and were constant.
The only machine that proved truly vulnerable was the Windows XP machine with no recent security updates or a firewall to block incoming and some outgoing Internet traffic. That machine suffered 341 attacks per hour. Attackers exploited the same Windows security flaws that allowed the widely-reported Blaster and Sasser worms.
Convicted hacker Kevin Mitnick, now an independent security consultant, lead the experiment. Mitnick says the test illustrates the dangers of simply being online.
MITNICK: If you're the average consumer, and you go into Best Buy, Circuit city or any computer shop, purchase the computer, and take it out of the box without setting up a personal firewall, your computer is going to be compromised in probably under 5 minutes. Probably the longest it will take is a couple hours before some attacking program successfully compromises your computer and takes it under control. ---
Most new Windows computers will come out of the box with a firewall turned on, but it's not as strong as a third party firewall, and still requires some fiddling.
In the experiment, the attempted attacks against the Mac, Linux and Windows XP machines with firewalls were unsuccessful.
MITNICK: These were not human beings sitting behind the computer and manually attacking us. These were automated programs that first exploited a vulnerability that was pretty much open because these systems didn't have a software firewall in place. And then once that vulnerability was successfully exploited, it installed malicious code like a worm and then immediately our machines tried to infect other innocent victims with the worm. In other words, it tried to spread.
What are the consequences of these routine attacks? First, your computer could suffer slow-downs, or worse, maybe even something as bad as an erased hard drive. Your computer could unwittingly become part of a spam operation, or used to help hackers take down a Web site. But most of the time, according to Minneapolis-based security researcher Bruce Schneier, nothing comes of the attacks.
Schneier, who took no part in this experiment, helps conduct similar tests for an independent group, the Honeynet Project.
SCHNEIER: The machine is hacked but then it's not used for anything. So we're finding that the hackers out there are getting more computers than they need and know what to do with. Because it's really easy to get a machine. If you need five or ten hacked computers for whatever it is you're doing, the easiest way to do it is run a script that will, while you sleep, break into machines, just one after the other.
The researchers who conducted the experiment, including the maker of the ZoneAlarm firewall, say it shows the value of strong firewall software, something most consumers don't own.
Schneier says you should be aware that security companies have an agenda: to sell their products.
SCHNEIER: Anyone getting a new computer, the best advice I can give them is back up. Back up, back up, back up. Something bad will eventually happen and you willl want to save your data. Buy a firewall if you can. Buy an antivirus product. Keep your patches up to date. But understand there is no silver bullet. There's nothing you can do that will make you magically, perfectly safe.
Jon's daily tech news links:
Business Week: TV phones prep for prime time
eWeek: AOL's "Singingfish" fine-tunes multimedia search
News.com: Lycos Europe launches spam vigilante campaign
New York Times: College students having more fun that YOU did