Unprotected PCs can expect infection in minutes

The average survival time for an unprotected networked computer dropped from 40 minutes to 20 minutes over the last year, according to the SANS Institute of Bethesda, Md.

That means that an unprotected PC can expect to become infected by a worm within 20 minutes of being connected to an unprotected network.

'The actual time it will take for a specific computer to be compromised will vary widely depending on any filters applied by the Internet Service Provider and the configuration of the operating system,' the institute said.

But the trend reflects the narrowing window of opportunity for users to adequately protect networked computers from known vulnerabilities.

Survival time is figured from daily reports submitted to SANS' Internet Storm Center by volunteers in 70 countries. ISC receives more than 1 billion reports of probes each month from organizations that manage more than 500,000 Internet addresses. The 20-minute figure represents the overall average time between probes on a targeted PC.

Actual probe activity varies over time and according to the level of protection a network provides its users. For instance, users with ISPs that block ports commonly used by worms will have longer survival times.

Monthly averages reported by ISC over the past year ranged from a high of 65 minutes in December 2003 to a low of 15 minutes in April and May. Over the last month, average survival time bottomed out at less than 14 minutes on July 19 and 26, and peaked at about 22 minutes Aug. 1.

To help users protect themselves from online attacks, SANS has published a free survival guide for users of Windows XP. It is available at the SANS Reading Room; click here.

The guide, 'Windows XP: Surviving the first day,' leads users through safe procedures for configuring hardware and software on a new PC and connecting with a network.

About the Author

William Jackson is a Maryland-based freelance writer.


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected