Automated "Bots" Overtake PCs Without Firewalls Within 4 Minutes

Automated "bots," worms and other threats pummeled six computer platforms over a two-week period with 305,955 total attacks. Results also revealed that an inadequately protected computer fell victim to an actual compromise within four minutes of first plugging into the Internet.





The study, conducted in partnership with security consultant and reformed hacker Kevin Mitnick, analyzed the security performance of commonly used computer platforms against Internet attacks in the wild when running on the default security settings designated by vendors. The study revealed that Linspire (Linux) and Microsoft Windows XP Service Pack 1 with the free Zone Labs ZoneAlarm firewall received the fewest Internet attacks throughout the two-week experiment. The regular Windows XP Service Pack 1 system without a third-party firewall was the most vulnerable, and was successfully compromised by an attack within four minutes of first plugging into the Internet.

Six different computer platforms were tested in the experiment to simulate the possible computer environments used in an average small office or home office - Microsoft Windows Small Business Server 2003, Microsoft Windows XP Service Pack 1, Microsoft Windows XP Service Pack 1 with ZoneAlarm, Microsoft Windows XP Service Pack 2, Macintosh OS X 10.3.5, and Linspire (Linux). The computers were connected to the Internet for two weeks without any adjustments to the preconfigured security settings from the manufacturer. The objective was to analyze the amount of time each computer platform can exist on the Internet before being compromised, the number of attacks experienced while on the Internet, the number of successful compromises achieved by the attacks, and the type of attacks most commonly seen.

Results revealed that the Linspire computer and the computer running Windows XP Service Pack 1 with ZoneAlarm were the most secure and experienced the fewest Internet attacks, without ever being compromised throughout the experiment. These two machines were the most effective at reducing the computer's visibility to Internet hackers while online and at preventing Internet attacks from successfully loading arbitrary malicious code without permission. While receiving more attacks, the Microsoft XP SP2 machine and the Macintosh OS X 10.3.3 were not compromised by the attacks. The Windows XP Service Pack 1 machine was repeatedly compromised--with the first attack occurring just four minutes after plugging into the Internet--and Windows Small Business Server 2003 was compromised eight hours after plugging into the Internet.

"This experiment underscores the need for consumers to have a personal firewall enabled every time they go online because of automated attacks that are consistently launched on the Internet," said Kevin Mitnick, co-investigator and founder of Mitnick Security Consulting LLC, a security consulting firm. "Owners of Microsoft's Service Pack 2 already have an integrated inbound firewall but to be adequately protected, a personal firewall with inbound and outbound traffic blocking capabilities is essential. This capability can be found in several third-party firewall products, some of which are free and publicly available. If computer users fail to install a firewall onto their home PC, it's just a matter of time before they get hacked."

Malware, such as spyware, worms and Trojan horses, can be transferred through e-mail, instant messages, peer-to-peer programs and routine Web browsing. Once loaded onto a computer, these threats can monitor a user's online activities, capture keystrokes to steal credit card numbers, financial data, usernames and passwords, and communicate this information back to a hacker.

Source: press release




