Massive levels of black hat hacker activity have been revealed by the Honeynet project, a specially constructed online network that exists purely to monitor attacks against it. The site has highlighted massive amounts of hacker activity, and gives a stark warning to web users.
Its latest report warns that the secure life expectancy of a default installation of Red Hat 6.2 server, such as might be used for a web server, is less then 72 hours.
"The fastest time ever for a system to be compromised was 15 minutes. This means the system was scanned, probed and exploited within 15 minutes of connecting to the internet," said Honeynet.
A second example is a default Windows 98 desktop installation, such as that found on many home PCs, permanently hooked up to the internet via ADSL or cable.
"This was compromised in less than 24 hours. In the following three days it was successfully compromised another four times. This makes a total of five successful attacks in less than four days," the group said.
The most popular attacks were apparently against Intel architecture machines, but Honeynet also discovered that the same attacks were thrown against Sparc machines, indicating that "some black hats are not bothering to confirm what operating system nor what version of the service you are running".
Some attackers have streamlined their scanning process to merely look for a specific service. If they find the service, they launch the exploit without even first determining whether the system is vulnerable, or even if it is the correct system.
"This active approach allows black hats to scan and exploit more systems in less time," said the group, although it added that "many black hats only use a single tool or exploit that they know how to use, or is the most effective".
Another interesting point the report raised was that at the very minimum an attacker would have to gather intelligence ahead of the attack, and then check again just prior to the attack revealing that "almost all attacks could be detected two to three days ahead of time".
As a final warning the project pointed out that the Honeynet system used to collect this information had no production systems of value, nor was it advertised to lure attackers. "If your organisation has any value, or is advertised in any way, you are most likely exposed to even greater threat," it said.
Get more info on the Honeynet project here.
New Vikendi map adds snow, snowmobiles and new aural and visual twists
Faults and bad weather ground SpaceX, Blue Origin, Arianespace and United Alliance
New regulation expected to cut greenhouse gas emissions by about 17 million metric tonnes between 2020 and 2050
Molybdenum ditelluride is a two-dimensional material that can be easily stacked into multiple layers to create a memory cell