Market Share of Hacking Targets

hacker_659pxMy site is dedicated to further exploring the techniques and know-how of hacking the various operating systems and configurations a person might run into among the vast wilderness that is the internet. It has come to my attention that the following information may be of interest to my readers. Here, we will take an enlightening look at what operating systems and programs the average hacking target might be running. While you may be running the latest and greatest operating systems and apps, we can’t assume the same is true for our potential targets.

Let’s take a look at some current data on operating systems, web servers, browsers, and mobile operating systems, rather than assume that everyone is running the latest, greatest and most secure operating systems. In this way, we can get an idea of what operating systems we should focus our skills on in developing our attack scenarios.


6874.5_01C91EBCDesktop and Clients

  1. Windows 7 – 47.5%
  2. Windows XP – 29.2%
  3. Windows 8 – 6.6%
  4. Windows 8.1 – 3.9%
  5. Windows Vista – 3.3%
  6. Mac OS X 10.9 – 3.2%
  7. Linux – 1.6%
  8. Other Mac OS X versions – 4.5%

You might be surprised that almost 30% of all desktop systems are still running Windows XP, despite the fact that Microsoft will be discontinuing support in April 2014.

I can tell you from my experience at some major corporations and military installations that there are MANY Windows XP systems in those “secure” environments. Apparently, these institutions assume that the transition costs are greater than the potential security risk. Furthermore, Windows XP remains very popular in many developing nations and among pirated copies, which are not reflected here in these figures.

The other thing to note here is that nearly 8% of the client computers are running a version of Mac OS X. Due to a misconception perpetuated by Mac users and salespeople, many Mac users believe that their systems are impervious to hacking and viruses and as such, and a result, don’t run antivirus software or other security measures.


Web Browsers

  1. Internet Explorer 8 – 21.2%
  2. Firefox 26 – 13.4%
  3. Internet Explorer 11 – 11.5%
  4. Internet Explorer – 10 9.8%
  5. Internet Explorer – 9 8.9%
  6. Chrome 32 – 6.79%
  7. Chrome 31 – 6.62 %
  8. Internet Explorer – 6 4.5%
  9. Internet Explorer 7 – 2.5%
  10. Other – 32%

DSC7yiMNotice that the most widely used browser is still IE8, despite all its security vulnerabilities, with over 1 in 5 computers still running this browser. If we include IE6 and IE7, over 28% of computers are running these highly vulnerable browsers.


web_server-1331pxWeb Servers

  1. Apache – 41.6%
  2. Microsoft’s IIS – 29.4%
  3. Nginx – 14.4%
  4. GWS – 2.5%

Interestingly, despite all the security problems Apache has had recently, fewer than 1% of the busiest websites are running the newest version of Apache 2.4.x. That’s an awful lot of vulnerable web servers!


Mobile Operating Systems (by Browsing)

  1. osiOS – 54.5%
  2. Android – 34.6%
  3. Java ME – 4.3%
  4. Symbian – 3.4%
  5. Blackberry – 1.5%
  6. Windows Phone – 0.6%

iOS and Android comprise over 90% of all browsing by mobile devices. Obviously, that is where we should focus our attack efforts.

I hope you find this information enlightening as far as what operating systems, web servers, and browsers are being used by the general public. I feel that many of us lose sight that the rest of the world is not necessarily running the latest and most secure software.

Tagged , , , , , , , , , , , , , . Bookmark the permalink.

Comments are closed.