I remember reading not too long ago about virus programs that are
computer generated and that conduct a random search for unprotected IP
address’ to download to. I was recently talking to some friends who
also shut off their PC when not in use but leave the cable modem
running and connected to speed up the startup process.
The question is are there such virus programs and if they exist what
is the risk factor of being connected for even a brief period of time
without operational protection?
I vaguely recall the worst case scenario that you’re referring to:
an unpatched and unprotected version of either Windows 2000 or an early
version of Windows XP lasted about 30 seconds after connecting to the
internet before it was infected with a virus.
Things are better today, but you still want protection. And turning
your machine off isn’t really helping.
The programs we’re talking about aren’t computer generated, they’ve been written by real people, but they definitely do scan the internet looking for vulnerable PCs. The scary part is that even after all these years of warnings, there are a significant number of machines on the internet that remain unpatched and unprotected.
It’s exactly as you’ve heard: these programs look for machines that are connected directly to the internet that have not been patched with the latest updates to correct known vulnerabilities. In some cases, the vulnerabilities have been known for years, and the patches to correct the vulnerability have also been available … for years. And yet there are unprotected machines out that have been infected in exactly this way. (Many are now spambots, for example.)
But from reading that, you can see that the two criteria for getting infected that way are easily rectified.
“… connected directly to the internet …”. OK, don’t do that. This is extremely easy to fix: get behind a router and the computers out on the internet can’t initiate a connection to your computer. Problem solved. This is why I so highly recommend a router as a firewall as it simply eliminates the issue.
Speaking of firewalls, if you can’t get a router and must connect directly to the internet, then you must get a firewall. At a minimum, enable the Windows firewall already in XP. One of the reasons that machines don’t get infected within 30 seconds of a “naked” internet connection these days is since Windows XP SP1 the internet firewall is on by default.
“… that have not been patched …”. Once again, the solution here is simple: patch. Enable automatic updates, or visit Windows Update or otherwise take steps to ensure that you’re getting the latest and greatest patches to your operating system as soon as they come out.
Remember that the availability of a patch does two things:
Fixes a vulnerability
Announces to the world that the vulnerability exists
Hackers then, having learned of the vulnerability, immediately start trying to exploit it simply to take advantage of machines that have not been patched as quickly as possible.
So to answer your question: the risk of being connected to the internet at any time if you’re unpatched and unprotected is very high. However, if you’ve been taking updates and have placed your machine behind a router or firewall, this kind of threat is very easily dealt with.
In fact, it’s what allows me to have several machines safely connected to the internet 24 hours a day.