Study: Hackers Attack Computers Every 39 Seconds
February 8, 2007
Are hackers trying to get into your computer right now? And what are they up to? A study by the University of Maryland's A. James Clark School of Engineering is one of the first to quantify the near-constant rate of hacker attacks of computers with Internet access - every 39 seconds on average - and the non-secure usernames and passwords we use that give attackers more chance of success.
The study, conducted by Michel Cukier, Clark School assistant professor of mechanical engineering and affiliate of the Clark School's Center for Risk and Reliability and Institute for Systems Research, profiled the behavior of "brute force" hackers, who use simple software-aided techniques to randomly attack large numbers of computers. The researchers discovered which usernames and passwords are tried most often, and what hackers do when they gain access to a computer.
On TV and in film, these kinds of hackers have been portrayed as people with grudges who target specific institutions and manually try to break into their computers. But in reality, Cukier says, "most of these attacks employ automated scripts that indiscriminately seek out thousands of computers at a time, looking for vulnerabilities."
"Our data provide quantifiable evidence that attacks are happening all the time to computers with Internet connections," Cukier notes. "The computers in our study were attacked, on average, 2,244 times a day."
Cukier and two of his graduate students, Daniel Ramsbrock and Robin Berthier, set up weak security on four Linux computers with Internet access, then recorded what happened as the individual machines were attacked. They discovered the vast majority of attacks came from relatively unsophisticated hackers using "dictionary scripts," a type of software that runs through lists of common usernames and passwords attempting to break into a computer.
"Root" was the top username guess by dictionary scripts - attempted 12 times as often than the second-place "admin." Successful 'root' access would open the entire computer to the hacker, while 'admin' would grant access to somewhat lesser administrative privileges. Other top usernames in the hackers' scripts were "test," "guest," "info," "adm," "mysql," "user," "administrator" and "oracle." All should be avoided as usernames, Cukier advises.
The researchers found the most common password-guessing ploy was to reenter or try variations of the username. Some 43 percent of all password-guessing attempts simply reentered the username. The username followed by "123" was the second most-tried choice. Other common passwords attempted included "123456," "password," "1234," "12345," "passwd," "123," "test," and "1." These findings support the warnings of security experts that a password should never be identical or even related to its associated username, Cukier says.
Once hackers gain access to a computer, they swiftly act to determine whether it could be of use to them. During the study, the hackers' most common sequence of actions was to check the accessed computer's software configuration, change the password, check the hardware and/or software configuration again, download a file, install the downloaded program, and then run it.
What are the hackers trying to accomplish? "The scripts return a list of 'most likely prospect' computers to the hacker, who then attempts to access and compromise as many as possible," Cukier says. "Often they set up 'back doors' - undetected entrances into the computer that they control - so they can create "botnets," for profit or disreputable purposes." A botnet is a collection of compromised computers that are controlled by autonomous software robots answering to a hacker who manipulates the computers remotely. Botnets can act to perpetrate fraud or identity theft, disrupt other networks, and damage computer files, among other things.
This study provides solid statistical evidence that supports widely held beliefs about username/password vulnerability and post-compromise attacking behavior. Computer users should avoid all of the usernames and passwords identified in the research and choose longer, more difficult and less obvious passwords with combinations of upper and lowercase letters and numbers that are not open to brute-force dictionary attacks.
Source: By Rebecca Copeland, University of Maryland
-
For Facebook 'Hacker Way' is way of life
Feb 05, 2012 |
3 / 5 (1) |
1
-
Helping businesses defend against cyber threats
Dec 06, 2011 |
4 / 5 (1) |
1
-
Websites downed in Russia poll 'hack attack'
Dec 04, 2011 |
not rated yet |
0
-
HP slams 'sensational' reports about LaserJet printer hack vulnerability
Nov 30, 2011 |
5 / 5 (3) |
32
-
US report blasts China, Russia for cybercrime
Nov 03, 2011 |
4 / 5 (5) |
16
-
Engineers build first sub-10-nm carbon nanotube transistor
Feb 01, 2012 |
4.9 / 5 (31) |
30
-
Something old, something new: Evolution and the structural divergence of duplicate genes
Jan 31, 2012 |
4.6 / 5 (7) |
1
-
The hidden nanoworld of ice crystals: Revealing the dynamic behavior of quasi-liquid layers
Jan 30, 2012 |
5 / 5 (3) |
1
-
Stock market network reveals investor clustering
Jan 27, 2012 |
3.9 / 5 (23) |
8
-
Of microchemistry and molecules: Electronic microfluidic device synthesizes biocompatible probes
Jan 26, 2012 |
5 / 5 (1) |
0
-
Synergistic relations between computer science and technology.
Feb 06, 2012
-
how do iphone gloves work?
Feb 05, 2012
-
iPhone battery over time
Jan 30, 2012
-
Best alternate Tablet to an iPad for writing math or physics equations?
Jan 26, 2012
-
Sending SMS to a website
Jan 20, 2012
-
Need help with my technical fest!
Jan 19, 2012
- More from Physics Forums - Computing & Technology
More news stories
Google users warned of threat to smartphone wallets
Users of Google smartphone wallets were being warned on Friday that there is a way to crack pass codes intended to thwart thieves from going on illicit shopping sprees.
41 minutes ago |
not rated yet |
0
CIA website offline, Anonymous takes credit
The website of the Central Intelligence Agency was unresponsive on Friday after the hacker group Anonymous claimed to have knocked it offline.
2 hours ago |
5 / 5 (3) |
8
New error-correcting codes guarantee the fastest possible rate of data transmission
Error-correcting codes are one of the triumphs of the digital age. Theyre a way of encoding information so that it can be transmitted across a communication channel such as an optical fiber o ...
Technology / Computer Sciences
10 hours ago |
5 / 5 (4) |
5
|
New power source discovered
(PhysOrg.com) -- Researchers at the Massachusetts Institute of Technology (MIT) and RMIT University have made a breakthrough in energy storage and power generation.
Technology / Energy & Green Tech
9 hours ago |
4.8 / 5 (16) |
3
|
Small modular reactor design could be a 'SUPERSTAR'
(PhysOrg.com) -- Though most of today's nuclear reactors are cooled by water, we've long known that there are alternatives; in fact, the world's first nuclear-powered electricity in 1951 came from a reactor ...
Technology / Energy & Green Tech
10 hours ago |
4.2 / 5 (10) |
19
|
NASA sees wide-eyed cyclone Jasmine
Cyclone Jasmine's eye has opened wider on NASA satellite imagery, as it moves through the Southern Pacific Ocean.
NASA sees Giovanna reach cyclone strength, threaten Madagascar
Tropical Storm 12S built up steam and became a cyclone on February 10, 2012 as NASA's Terra satellite passed overhead. Residents of east-central Madagascar should prepare for this cyclone to make landfall ...
Complex wiring of the nervous system may rely on a just a handful of genes and proteins
Researchers at the Salk Institute have discovered a startling feature of early brain development that helps to explain how complex neuron wiring patterns are programmed using just a handful of critical genes. ...
Putting the squeeze on planets outside our solar system
(PhysOrg.com) -- Using high-powered lasers, scientists at Lawrence Livermore National Laboratory and collaborators discovered that molten magnesium silicate undergoes a phase change in the liquid state, abruptly ...
The power of estrogen -- male snakes attract other males
A new study has shown that boosting the estrogen levels of male garter snakes causes them to secrete the same pheromones that females use to attract suitors, and turned the males into just about the sexiest ...
Grass to gas: Researchers' genome map speeds biofuel development
Researchers at the University of Georgia have taken a major step in the ongoing effort to find sources of cleaner, renewable energy by mapping the genomes of two originator cells of Miscanthus x giganteus, a large perenn ...