* Automated Scripts Allow Hackers to Attack Every 39 Seconds

TechViews News   …..

In the movies most hackers have been portrayed as people with grudges who target specific institutions and manually try to hack into their computers. But in reality, most of these attacks employ automated scripts that indiscriminately seek out thousands of computers at a time, looking for vulnerabilities.

You may not be a major corporation that is an easily identifiable target for hackers, but your computers, even home computers, are constantly under attack.

The automated scripts simply run through hundreds of thousands of IP addresses and probe computer systems until it finds an open door. This opening is usually an unchanged administrative password or a system without a secure firewall.

A Clark School study at the University of Maryland is one of the first to quantify the near-constant rate of hacker attacks of computers with Internet access—every 39 seconds on average—and the non-secure usernames and passwords we use that give attackers more chance of success.

The study, conducted by Michel Cukier, Clark School assistant professor of mechanical engineering and affiliate of the Clark School’s Center for Risk and Reliability and Institute for Systems Research, profiled the behavior of “brute force” hackers, who use simple software-aided techniques to randomly attack large numbers of computers. The researchers discovered which usernames and passwords are tried most often, and what hackers do when they gain access to a computer.

“Our data provide quantifiable evidence that attacks are happening all the time to computers with Internet connections,” Cukier notes. “The computers in our study were attacked, on average, 2,244 times a day.”

Cukier and two of his graduate students, set up weak security on four computers with Internet access, then recorded what happened as the individual machines were attacked. They discovered the vast majority of attacks came from relatively unsophisticated hackers using “dictionary scripts,” a type of software that runs through lists of common usernames and passwords attempting to break into a computer.

“Root” was the top username guess by dictionary scripts—attempted 12 times as often as the second-place “admin.” Successful ‘root’ access would open the entire computer to the hacker, while ‘admin’ would grant access to somewhat lesser administrative privileges. Other top usernames in the hackers’ scripts were “test,” “guest,” “info,” “adm,” “mysql,” “user,” “administrator” and “oracle.” All should be avoided as usernames, Cukier advises.

The researchers found the most common password-guessing ploy was to reenter or try variations of the username. Some 43 percent of all password-guessing attempts simply reentered the username. The username followed by “123” was the second most-tried choice. Other common passwords attempted included “123456,” “password,” “1234,” “12345,” “passwd,” “123,” “test,” and “1.” These findings support the warnings of security experts that a password should never be identical or even related to its associated username, Cukier says.

Remember that John Podesta, Hillary Clinton’s Presidential Campaign Chairman had his email hacked during her campaign. Revelations about her behind-the-scenes activities in his emails helped to sink her chances at being elected President. How was his email hacked? He used “password” as his password. He should have known better.

Once hackers gain access to a computer, they swiftly act to determine whether it could be of use to them. During the study, the hackers’ most common sequence of actions was to check the accessed computer’s software configuration, change the password, check the hardware and/or software configuration again, download a file, install the downloaded program, and then run it.

What are the hackers trying to accomplish? “Often they set up ‘back doors’—undetected entrances into the computer that they control—so they can create ‘botnets,’ for profit or disreputable purposes.”

A botnet is a collection of compromised computers that are controlled by autonomous software robots answering to a hacker who manipulates the computers remotely. Botnets can act to perpetrate fraud or identity theft, disrupt other networks, and damage computer files, among other things.

And then, of course, the door is open for your private, personal information to be stolen. You may not think you have anything that a hacker would want. But if you shop online with a credit card, do your taxes online, even research family issues online, then you are a valid target.

And then there’s the danger of your email being read. That can be devastating … just ask John Podesta.

Be Safe – Backup Your Data Regularly!

**********

And don’t forget to take advantage of our FREE subscription to the TechViews.org Newsletter. A must-read if you are interested in Internet Security.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s