Study: Warning messages deter hackers
Warning messages presented when users access a computer system to caution against tresspassing decrease the duration of tresspassing incidents, according to a study in the journal Criminology.
Researchers carried out two experiments on a large American university's computer network where they deployed nearly 600 computers, set to either display a warning banner on the login screen or omit the message. In each version of the experiment, they deployed the computers for several months and waited for hackers to try to access the system.
About 4,800 tresspassing incidents occurred, and the hackers were about 20 percent more likely to terminate the session earlier if a warning message had been shown. However, the messages did not prevent the incidents from occuring.
Still, the amount of time spent tresspassing matters, said the study's lead author, David Maimon, a University of Maryland criminology professor.
"If you have a hacker on your system for five minutes instead of ten minutes, the damage the hacker potentially can do is very much different," Maimon said in a press release from the National Consortium for the Study of Terrorism and Responses to Terrorism, where Maimon is a researcher.
The National Institute of Standards and Technology already recommends that warning banners be displayed on login screens to deter unauthorized access. But no prior research had assessed the effectiveness of those messages, the study says.
The study acknowledges a few limitations. The computer network used was at a single university, and only one warning message was tried.
"It could be that a more aggressive or more ambiguous warning would have produced different results," the strudy says.
Additionally, the type of hackers who infiltrate unviersity computers may be less sophisticated than those who try to break into the networks of government and banks.
- go to the study, "Restrictive Deterrent Effects of a Warning Banner in an Attacked Computer System" (sub. req.)