A computer hacker strikes every 39 seconds, according to a report by the University of Maryland.

The study is one of the first to quantify the near-constant rate of hacker attacks of computers with Internet access-every 39 seconds on average-and the non-secure usernames and passwords people use give attackers more chance of success.

The study, conducted by Michel Cukier, Clark School assistant professor of mechanical engineering and affiliate of the Clark School's Center for Risk and Reliability and Institute for Systems Research, profiled the behavior of "brute force" hackers, who use simple software-aided techniques to randomly attack large numbers of computers. The researchers discovered which usernames and passwords are tried most often, and what hackers do when they gain access to a computer.

On TV and in film, these kinds of hackers have been portrayed as people with grudges who target specific institutions and manually try to break into their computers. But in reality, Cukier says, "most of these attacks employ automated scripts that indiscriminately seek out thousands of computers at a time, looking for vulnerabilities."

"Our data provide quantifiable evidence that attacks are happening all the time to computers with Internet connections," Cukier notes. "The computers in our study were attacked, on average, 2,244 times a day."

Once hackers gain access to a computer, they swiftly act to determine whether it could be of use to them. During the study, the hackers' most common sequence of actions was to check the accessed computer's software configuration, change the password, check the hardware and/or software configuration again, download a file, install the downloaded program, and then run it.