ISC: Unpatched Windows PCs fall to hackers in under 5 minutes

SANS Institute's Internet Storm Center estimates "survival" time of unpatched Windows machine at around 4 minutes.

Gregg Keizer 15 July, 2008 08:48

It takes less than five minutes for hackers to find and compromise an unpatched Windows PC after it's connected to the Internet, a security researcher said today.

The SANS Institute's Internet Storm Center (ISC) currently estimates the "survival" time of an Internet-connected computer running Windows at around four minutes if it's not equipped with the latest Microsoft security patches, said Lorna Hutcheson, a researcher and analyst, in a post to the ISC blog.

"I have been asked many [times] by people if I really believed the survival time graph on the ISC site was truly an accurate representation of how long a new system had once connected," said Hutcheson. "The answer to this is 'yes' for most home users and systems that are Internet facing.

ISC maintains a record of the time between network probes for an average IP address, and assumes that hackers would follow a successful probe -- which would disclose one or more open ports -- with an exploit, most likely a worm.

Another security researcher, however, said unpatched machines can last longer than just a few minutes before falling to attack. The German Honeypot Project, which sets vulnerable systems on the Internet to collect malware, estimates survival time in hours, not minutes.

"Compared to the survival time from the Internet Storm Center which is currently below five minutes, we measure a higher survival time," said Thorsten Holz, a co-founder of the project and current a Ph.D. student at the University of Mannheim, in a post to the Honeypot Project's blog. The project's data estimates the average time between connecting to the Internet and compromise at under 1,000 minutes, or approximately 16 hours.

"[But] the time is still short and you need to patch a system before taking it online," said Holz.

"While the survival time varies quite a bit across methods used, pretty much all agree that placing an unpatched Windows computer directly onto the Internet in the hope that it downloads the patches faster than it gets exploited are odds that you wouldn't bet on in Vegas," added Hutcheson of the ISC.

Computerworld Buyer's Guide - Vendors Matched to this Article

Dimension Data , Trend Micro , GFI , MessageLabs , CA

More about The SANS Institute, Microsoft, SANS Institute

Comments

Post new comment

Have your say!

Computerworld Buyer's Guide - Vendors Matched to this Article

Dimension Data , Trend Micro , GFI , MessageLabs , CA

Discussions on The Computerworld Forum

Whitepapers

Read up on the latest ideas and technologies from companies that sell hardware, software and services.

Zones

Zones provide focussed content from Computerworld and leading technology partners.

Newsletter Subscription

RSS Feeds

Computerworld Today

Show all RSS feeds

More >

Computerworld Webinar

Thursday, June 11th, 2009
10:30am EST (Sydney, Australia)
Screening at your PC

Computerworld is hosting a 30 minute live webinar to help you to learn how unified communications can save you money, foster innovation and business agility by making it easier for people to find, reach and collaborate with one another.

Register Now

+

Savings do add up: How organisations are saving thousands by adopting Unified Communications and Collaboration. 15 June, 2009 12:01

This week's CW Live podcast features a discussion between Audrey William, research director at research firm Frost & Sullivan Australia, and Craig Campbell, business unit executive for Integrated Communications Services at IBM Australia / New Zealand on why companies are adopting unified communications, and whether there is any benefit to hosting a unified communications solution in the cloud.

[ MP3 (2.22 MB) | Windows Media (2.26 MB) ]
+

Storage Virtualisation: Increasing Information Availability and Lowering Costs 02 June, 2009 12:36

This week's CW Live features a discussion between Dr Kevin McIsaac, IBRS Research's Advisor for Virtualisation and Craig McKenna, Consulting Technical Leader, System Storage, for IBM's Growth Markets division, on why storage virtualisation is key to an organisation's information management plan.

[ MP3 (4.62 MB) | Windows Media (4.69 MB) ]
+

Computerworld Live Podcast #100: Enterprise Cloud Computing and Network Virtualisation 25 March, 2009 13:46

CW Live speaks with Matthew Zanner, HP ProCurve worldwide director of datacentre solutions, about how cloud computing is changing the way IT professionals are designing their networks and running their datacentres.

[ MP3 (3.25 MB) | Windows Media (2.48 MB) ]
+

Computerworld Live Podcast #99: Reducing the Costs of Enterprise Mobility 28 January, 2009 10:43

CW Live speaks with Mark Thompson, Global Sales/Marketing Manager for HP's ProCurve Networking Business, to discuss strategies for reducing the cost of enterprise mobility, including tips on securing a wireless network, smart network design strategies, and advice for simplifying the management and support of wireless networks.

[ MP3 (3.63 MB) | Windows Media (2.77 MB) ]
+

Computerworld Live Podcast #98: The Future of Datacentre IP 18 December, 2008 10:33

CW Live speaks withLin Nease, Director of Emerging Business for HP ProCurve, to discuss the future of networks, including the effect of IP-based storage on datacentres, new capacity requirements generated by the use of 10Gb Ethernet, and how an efficient network design can slash energy and cooling costs, and help enterprises build a "green" image.

[ MP3 (5.45 MB) | Windows Media (4.15 MB) ]

More >

The business justification for data security

In the information security world we face two major types of threats: "noisy" threats which directly interfere with our ability to do business and "quiet" threats which cause real damage, but don't necessarily prevent people from doing their jobs. Read on to discover how to combat both types of threats and to justify the use of data security within your business.

Enterprise IT Buyer's Guide

Find Technology Vendors Fast

Find vendors by name | Find by category

Comments

Post new comment

Savings do add up: How organisations are saving thousands by adopting Unified Communications and Collaboration. 15 June, 2009 12:01

Storage Virtualisation: Increasing Information Availability and Lowering Costs 02 June, 2009 12:36

Computerworld Live Podcast #100: Enterprise Cloud Computing and Network Virtualisation 25 March, 2009 13:46

Computerworld Live Podcast #99: Reducing the Costs of Enterprise Mobility 28 January, 2009 10:43

Computerworld Live Podcast #98: The Future of Datacentre IP 18 December, 2008 10:33

Verbatim Announces SSD ExpressCards for PC and Mac Users 06 July, 2009 14:26

Verbatim lets data sprint with launch of eSATA Combo Hard Drives 06 July, 2009 14:23

KORDZ punts on US home cinema market turn around 06 July, 2009 12:20

Frost & Sullivan: Converged Services A Natural Play For Telcos 06 July, 2009 09:06

Challenge Your Memory with Kingston and Win Hot Memory Products Home 03 July, 2009 12:20

The business justification for data security

Buying Guides

Latest Products

Buying Guides

Latest Products