In spite of all the high-profile incidents in recent years, many people still tend to underestimate the threat of hackers and other cyber-criminals. This perception probably stems from the fact that companies are more likely to be targeted than individuals. At the same time, it is also quite common for ordinary people to get hacked, extorted, or otherwise victimized. According to some of the research out there, a hacking attack occurs every 39 seconds. When you consider the fact that not all incidents are reported, the problem becomes even worse.
In case you are wondering where this information comes from, it seems to originate with a study conducted at the University of Maryland (the James A. Clark Engineering School, to be precise). This research, conducted in 2007, attempted to quantify cybercrime and give us accurate statistics. Although the numbers might be a little outdated by now, this is probably the most accurate set of numbers that we are going to get.
A Closer Look: What Kind Of Data Was Used In This Study?
That being said, we can see some interesting things about this data. On close inspection, we see that the researchers only examined one common hacking technique. They concentrated their efforts on researching “brute-force dictionary attacks.” Admittedly, this wasn’t a bad choice because that technique is very common.
Brute-force dictionary attacks are used to figure out unknown passwords and usernames and can be very effective in some instances. The script or program will try many different characters, words, and combinations thereof. Obviously, most of those will be wrong, but the program will learn a little bit from each failed attempt. Over time, it can decode the entire phrase.
In order to get this data, the researchers basically set a trap. They took four computers and set them up with minimal security, then put them online as “bait.” Sure enough, it wasn’t long before brute-force attacks were observed. On average, the interval between cracking attempts was about 39 seconds. The total number of attempted attacks was about 2,244 per day.
What Else Can We Learn From This Study?
Apart from the 39-second interval, a lot of other useful information was found here. For one thing, the researchers found that most of the attacks were not made manually. Most of them were done using automated scripts, which obviously poses less risk to the hacker. Not only that, but it allows them to probe hundreds or even thousands of networks at the same time. The hackers generally do not focus on a particular machine until it has been identified as a promising target.
There is also some good news to be seen in this report, although it only confirms that which is commonly known. Complex passwords are much, much harder for a brute-force program to crack. In fact, with sufficient complexity, you can render these tools virtually useless. As the term “dictionary attack” implies, these scripts and programs use common words from various languages, and that is what allows them to extrapolate the full phrase from a partial answer.
In a way, it’s kind of like that old show “Wheel Of Fortune.” The program takes random guesses to reveal part of the answer, then tries to “fill in the blanks” using common words. Now, imagine that the answer is just a jumbled bunch of gobbledygook? When you think about it this way, you can see that a randomized password is not practical to crack with this method. It would simply take far too long.
Other Relevant Statistics
While we are discussing cybersecurity statistics, we may as well look for a second source and learn a little more. This article from Varonis might give us a few more useful insights, so let’s give it a look. Here are a few key takeaways:
- In the first half of 2019, about 4.1 million records were exposed through cyberattacks.
- Most hackers are simply criminals looking for money. It seems that only 25% of hacking attacks are carried out for espionage purposes.
- When malicious email attachments are used, they will most likely have one of three file extensions: .doc, .dot, or .exe.
- Reported incidents have increased 11% in the last two years, and have increased by 67% since 2014.
- The average security breach takes 314 days to contain and remove.
- Only about 36% of Americans have ever checked to see if a data breach affected their information.
- 34% of all data breaches were found to be inside jobs to one extent or another.
There is a lot more, but we think you get the picture. All of the numbers indicate that the threat of hacking will only become greater as time goes on. When we look at that fourth item, we can see that the problem has increased by a huge margin within the last six years or so. That suggests a future in which cyber-crime becomes the most common type.
As traditional crime becomes harder and harder to get away with, digital crime will continue to attract many bad actors. That’s why it is so important for everyone to take proper security precautions. The kinds of people who make their living through hacking are also the kinds of people who look for easy targets. If you aren’t one, they are likely to look elsewhere.
We hope that you have enjoyed this article and that you have also learned a few things in the process. At PCH Technologies, we strive to help our customers to be better informed, as that can only make you safer. Knowledge has always been a form of power, and this has never been more true than today. Cyber-crime might be scary, but it’s just a part of life and a danger that can be avoided with a little help and precaution. If you would like to know more, please feel free to call us at (856) 754-7500.