An unprotected PC that connects to the Internet can be hacked in minutes, and used together with other hacked machines to dispense spam, conduct denial-of-service attacks or carry out identity-theft scams. That was the finding of a test conducted by USA TODAY and Avantgarde, a San Francisco tech marketing and design firm. Several "honeypot" computers were set up in order to trap hackers, with monitoring in place to see what traffic they would attract. Former hacker Kevin Mitnick was hired as a security consultant to perform the experiment.
"It's a hostile environment out there. Attackers have become extremely indiscriminate." - Kevin Mitnick.
Each PC was connected to the Internet via a broadband DSL connection and monitored for two weeks. The result? Break in attempts happened almost instantly, and continued long and hard. An average of 341 attacks per hour were recorded against the Windows XP machine with no firewall or recent security patches, 339 per hour against the Apple Macintosh and 61 per hour against the Windows Small Business Server.
According to the article, an estimated 67% of consumers do not use a firewall. More here.