How Vulnerable is an Unprotected PC on the Internet?

How long do you reckon an unprotected PC, i.e., with no firewall or antivirus, will remain uninfected after it is connected to the internet? Months, weeks, days, hours, minutes? Would you believe just 8 seconds!

According to the BBC World article Jacques’ Hack Attack in which Spencer Kelly met up with Jacques Erasmus, an ex-hacker turned computer security expert, it was just 8 seconds before an unprotected PC connected to the internet was hit by Sasser.

Jacques wanted to show me just how risky it is to connect an unprotected PC to the ‘net. We set up a poor Windows XP machine with no firewall or anti-virus software – connecting it to the Internet would be like throwing it into a lion pen with raw meat strapped to its hard drive. How long would it be before we were hit by something nasty on the net? Hours, minutes? As it turned out – eight seconds!

We were hit by Sasser, one of the fastest spreading worms on the ‘net, and it wastes no time at all in taking over your PC. Within seconds of infection, our PC started downloading some strange programs, or payloads, from mysterious Internet addresses. These payloads are the programs that can take control of your machine and turn it into a remote controlled bot.

Our machine then started scanning random Internet addresses, looking for other vulnerable PCs to infect. Then Internet Explorer started downloading spyware. Within 5 minutes our PC was running so many malicious programs, that the CPU was running flat-out at 100% – and we weren’t even touching it.

Of course, if you’ve been a victim of hacking, it’s no laughing matter – it certainly wasn’t for our PC, which crashed completely in under 30 minutes.

Under no circumstances should you connect to the internet without a good antivirus, firewall, and anti-spyware software. For good, free, software to protect your PC see my page on Recommended Software.