Botnets on the Brain

I have botnets a bit on the brain lately (did you notice that a sizable botnet ring was busted yesterday?), so this claimed stat from a New Yorker article on the subject this week got my attention:

One recent study found that a new P.C., attached to the Internet without protective software, will on average be infected in about twenty minutes.

While I’ll cheerfully believe that most PCs will eventually get infected if they are in their unpatched state and left connected for a goodly amount of time, I’m dubious about it happening a predictable 20 minutes. It sounds more like antivirus/anti-bot vendor bumpf than like the results of a real study in the real world.


  1. It’s probably true. The time that it takes for an unpatched computer to be infected has varied but has been in the sub-30-minute range for a few years now. It obviously varies by OS and by features – for example, Windows XP SP2 should be a little more resistant to attack because its firewall is on by default.
    I’ve seen similar times in our QA lab in the past.

  2. Interesting. I’m guessing, as you imply, that it’s an artifact of unpatched Wintel boxes and old O/S’s, in other words, that there is huge variance, but it’s still worth knowing.

  3. There is an amazingly consistent background noise of infection attempts. It’s like exposing a plate of agar. The 20 minutes depends on how thick the skin of the exposed computer is. Your typical consumer grade window’s PC left the factory a while ago.