More and More Attacks

When few of us were on the Net, few hackers were as well. And those hackers who were online didn’t have much to hack. They generally went after machines running the Unix operating system, because Unix machines were more prevalent on the Net in the early days and were quite hackable.

To digress for a moment, most of you have probably heard the term “hacker.” Although sometimes “hacker” just means “anybody who’s good with a computer,” it recently has specifically come to refer to someone whose computer skills are used to cause problems for others, usually over the Internet. That’s how we’re going to use the term in this book.

Even as the Internet began to grow from 1995 to 1998, the rate of hacker attacks remained relatively low. But recently, things have changed dramatically and the number of attacks has increased at a rate even greater than the number of users on the Net. It’s not clear exactly what changed. Maybe the number of machines on the Net reached some sort of critical mass that made hacking worthwhile in the eyes of the hackers. Maybe the media glorified hacking to such an extent that it became “fashionable,” especially for young people. Regardless, hacking is definitely on the rise. One good measure of this increase is the number of official security incidents reported by the CERT Coordination Center. The CERT (which at one time was short for Computer Emergency Response Team) Coordination Center is the major reporting center for Internet security problems.

As you can see in Figure 2.2, sometime around 1999, the incident rate started increasing significantly, and it’s been growing faster than the Internet ever since. In fact it got so great that CERT gave up counting in 2003.

Figure 2.2 The rate of hacking incidents per year.

Exactly what an “incident” is and whether it’s directly relevant to the rest of us are certainly valid questions. So here’s a statistic that we believe will hit much closer to home (so to speak):

In a study performed by Open Door Networks on a typical Macintosh connected through the Ashland Fiber cable network, during a 30-day period in 2009, an average of 37 unique unauthorized access attempts were detected per day.

These access attempts weren’t general incidents at some general Internet reporting center; they were specific access attempts made against a specific Macintosh on our local cable-modem Internet service. And this study, conducted by the authors, is backed up by many additional reports. One widely publicized study at the end of 2004 showed the average unprotected Windows machine was taken over by hackers within 10 minutes of being placed on the Internet! And here’s just one of the many reports that Open Door Networks has received on the subject:

“As is probably true with most of your customers, I have been astounded at how many unauthorized attempts to penetrate my computer there are.”

Machines that the rest of us use on the Internet are getting attacked, and they are getting attacked at a significant and increasing rate. You do need to worry about online security!