Forgot your password?
typodupeerror
Government Stats Botnet Microsoft Security Worms Your Rights Online

Rich Countries Suffer Less Malware, Says Microsoft Study 84

Posted by timothy
from the better-treatment-helps dept.
chicksdaddy writes "To paraphrase a quote attributed to F. Scott Fitzgerald: 'Rich countries aren't like everyone else. They have less malware.' That's the conclusion of a special Security Intelligence Report from Microsoft, anyway. The special supplement, released on Wednesday, investigated the links between rates of computer infections and a range of national characteristics including the relative wealth of a nation, observance of the rule of law and the rate of software piracy. The conclusion: cyber security (by Microsoft's definition: low rates of malware infection) correlated positively with many characteristics of wealthy nations – high Gross Income Per Capita, higher broadband penetration and investment in R&D and high rates of literacy. It correlated negatively with characteristics common in poorer nations – like demographic instability, political instability and lower levels of education.'"
This discussion has been archived. No new comments can be posted.

Rich Countries Suffer Less Malware, Says Microsoft Study

Comments Filter:
  • You don't say? (Score:5, Insightful)

    by Maximalist (949682) on Thursday February 07, 2013 @10:29AM (#42819793)

    Better literacy leads to a better ability to spot the poorly written bogus come-ons that get you infected when you click on them? I just can't believe it.

    • Re:You don't say? (Score:5, Insightful)

      by TWX (665546) on Thursday February 07, 2013 @10:33AM (#42819835)

      Better literacy leads to a better ability to spot the poorly written bogus come-ons that get you infected when you click on them? I just can't believe it.

      Not from what I've seen...

      Having a techie friend call to fix it when it's broke is what gets most people out of the jam.

      Though with my friends, I charge $60/hr to friends to fix their computers on the side. As a consequence I do maybe two side jobs a year. I don't want to do side work, and when they know that it'll cost probably $120 to get their $500 computer fixed, they do tend to be at least a little more careful.

      • by Anonymous Coward

        Better literacy leads to a better ability to spot the poorly written bogus come-ons that get you infected when you click on them? I just can't believe it.

        Not from what I've seen... Having a techie friend call to fix it when it's broke is what gets most people out of the jam. Though with my friends, I charge $60/hr to friends to fix their computers on the side. As a consequence I do maybe two side jobs a year. I don't want to do side work, and when they know that it'll cost probably $120 to get their $500 computer fixed, they do tend to be at least a little more careful.

        Amen brotha.

        No one expects a mechanic to fix your engine for free. No one expects a lawyer to draw up a contract for you for free. No one expects a doctor to fix a broken leg for free.

        For some reason people think that the guy who spent hundreds of hours of his time mastering this skillset should fix their computers for free. They often act hurt and offended when you decline! I don't understand why people think the principles applying to all those other skillsets magically don't apply to this one.

        • by Anonymous Coward

          I wouldn't expect my brother to charge me $60 per hour to fix a fucking computer either.

          There's a difference between acting as free labor and acting as an entitled asshole. People will literally work 3 hours free of charge to help you move houses, but they get pissy if you expect the same in return for computer work.

          In a professional capacity, I can easily charge twice what he charges and still get business, doesn't mean I will charge above $20/hr to friends.

          • Re: (Score:3, Informative)

            by emho24 (2531820)
            I wouldn't expect my brother to charge me $60 per hour to fix a fucking computer either.

            Maybe not for the first few times, but after a while it just gets freaking old. That's when an hourly rate starts to sound appealing to me. Even family members need to learn and stop making the same stupid mistakes over and over.
            • Exactly. After years of dealing with the same old shit from almost everyone you know, it really does start to get old. It starts to feel as if everyone just uses you as a cushion to catch them when they fall, and never make any attempt to learn a damn thing about what they're doing that they shouldn't be doing themselves to prevent it from happening in the future...

              Very few people actually listen and try to understand what I have to say. Those that do and actually follow my suggestions, I rarely ever hea

        • +5, Beyond Insightful! Well said AC. I never have mod points when I need them.

          I've personally given up on helping people with their computers for the most part, because in the end they usually seem to be ungrateful assholes who just want to get out of paying some "real" computer repair shop $70 just to fucking look at the damn thing, and who knows what else on tap of that! A shop in a nearby city I noticed advertises that it will remove viruses (that's it!) for a whopping $90. I'm done being walked all

      • by antdude (79039)

        What about family members?

        • Re:You don't say? (Score:5, Insightful)

          by Erikderzweite (1146485) on Thursday February 07, 2013 @12:30PM (#42820977)

          Mine have been forcefully switched to Linux. Much easier to support since I've set up ssh reverse tunnel with port forwarding for vnc. So if a PC is online, I can fix it. If not -- there's a custom LiveCD which does the same trick with reverse ssh.

          Oh, and no problems with malware whatsoever.

          • Re: (Score:2, Insightful)

            by Anonymous Coward

            A few years ago I set up my parents with Ubuntu LTS, since they wanted something that worked and I didn't want to update it every 6 months. Everything was working fine, until my sister's dickhead boyfriend "upgraded" it to the latest version and messed everything up. From then on, when my parents had trouble I referred them back to dickhead boyfriend, since he evidently volunteered to maintain their OS from then on. Once it involved responsibility he wouldn't do shit, and I wasn't inclined to clean up his m

          • "Ok Grandma so you can't look at a picture. Here is what you need to do - drop to a command line and start your ssh server. Check to make sure that the port is forwarded so I can connect on my end with VNC. Ok that all set up? Great now I can start to help you."

            An operating system is not a panacea. What I have done with my family, instead of ramming something down their throat that is likely above their abilities, is to teach them good basic security practices, and that bad things can happen if you are no
            • by steveg (55825)

              My sister has an icon on her desktop that says "Connect to Steve at home" and one that says "Connect to Steve at work." She calls me up, I set up the VNC client in listen mode, and she clicks the icon.

              I then have access to her machine. All the command line stuff is done in a script attached to that icon. She doesn't have to deal with it. It's not that hard.

              • So what happens if the icon isn't there? What happens if the program that is supposed to run when she clicks the icon is broken?

                Now read the rest of my post. Forcing someone to use {Product X} isn't the answer to security.
                • by steveg (55825)

                  Maybe. Maybe not. But it is certainly the answer to support. I can support this. When she was using Windows, her "local" support was Best Buy, and they charged her a ton of money without solving the problems. I'm not local (she's 1100 miles away), and my ability to help over the phone was limited, especially since the last version of Windows I used with any regularity was NT4.

                  If she gets an iPad, she's on her own. I have no expertise with that.

                  What if the program isn't there or is broken? What if my

              • And when she buys an iPad, how are you going to duplicate that setup?
                • by causality (777677)

                  And when she buys an iPad, how are you going to duplicate that setup?

                  Is it really so hard for you to accept that this family found a solution that works for them?

                  I mean, if he claimed that everyone on the planet should use Linux or else they're less than human, then I could understand your incessent urge to find some flaw or disaster-waiting-to-happen in "steveg's" setup. But he made no such claim (nor did he claim that Linux is completely invulnerable to security issues). He merely described what worked for his family.

                  What part of that bothers you?

    • That may be part of the issue.
      However there is the other issue of being able to afford a better infrastructure.
      Even a basic Home network in America has the following.
      A broadband modem That connects to a Router for their Wireless, This router does basic hardware firewall and acts like a switch between mutable PC's, and even old Wireless systems offer modest encryption. Just by being able to Drop a hundred bucks in equipment we have basic safety. If you are in poor country and don't have a few hundred bucks

  • tl;dr but malware level can only be one metric and is an incomplete definition of security.
    You would expect to find people suffering damaging attacks to their livelihood and important data to be found at a computer with high "security".
    But I bet suffering spam and phishing target rich people which should screw up their metric.
    That, and dividing the world into territories when it should probably be divided into something else like government, military, private computers, mobile, multinationals, kids, etc.

    • by mpeskett (1221084)

      That, and dividing the world into territories when it should probably be divided into something else like government, military, private computers, mobile, multinationals, kids, etc.

      I'm intrigued, how exactly does one go about dividing the world into mobile?

  • by Anonymous Coward

    Using older software (older versions of windows that is) and not having access to a "computer guy" in your family, combined with not being able to just "buy a new computer because the old one is broken" or even using official support would lead to simply not being able to deal with malware.

  • People tend to pirate Windows XP because it is much easier than Windows Vista/7/8 and they probably are running DELL P4 machines thrown to the curb by reasonable people
    • by hedwards (940851)

      I'm not so sure about that. It's not exactly hard to get a pirate copy of Windows 7 in China. Not sure about Vista or 8 though, but I'd be surprised if they were at all hard to get.

  • by CRCulver (715279) <crculver@christopherculver.com> on Thursday February 07, 2013 @10:43AM (#42819933) Homepage

    Computers at internet cafes in third-world countries look as scary and diseased as truck stop hookers. One imagines that whoever set up the computers way back when might have been tech savvy, but the owner paid him for his one-time services, then for the next 5-10 years kept the machines running with no updates or virus scans. The staff hired to work there are just babysitting the machines to make sure no one steals them; they have no greater knowledge of how to fix a problem than restarting the computer.

    I use these establishments only to plug my notebook into a ethernet jack, but a non-insignificant amount of times, to ask to use your own computer instead of their infectious, malware-ridden machines evokes suspicion that are you are some kind of hacker terrorist and they want you to leave.

    • Re: (Score:3, Funny)

      by Ukab the Great (87152)

      I use these establishments only to plug my notebook into a ethernet jack, but a non-insignificant amount of times, to ask to use your own computer instead of their infectious, malware-ridden machines evokes suspicion that are you are some kind of hacker terrorist and they want you to leave.

      Extending and embracing your analogy, it's like bringing your own hooker to a truckstop and they want you to leave because they think you're a pimp.

      • Extending and embracing your analogy, it's like bringing your own hooker to a truckstop and they want you to leave because they think you're a pimp.

        I don't think GP would appreciate you calling his metaphorical wife/girlfriend a hooker.

    • by robbo (4388)

      Bring your own notebook doesn't protect you from pharming and other MITM attacks.

      • by swillden (191260)

        Bring your own notebook doesn't protect you from pharming and other MITM attacks.

        It does if you only use SSL-enabled web sites.

        For gmail users, I believe Chrome (and ChromeOS) now come configured by default to check not just the certificate chain, but even to know which specific certificate to expect. So a compromised CA plus compromised DNS just results in a denial of service. You can also manually check the certificates for other sites you go to (get their fingerprints and write them down when you're at a trustworthy connection).

      • by Hatta (162192)

        That's what SSH tunneling is for. Just connect to Wifi, set up an SSH tunnel, and forward all traffic through it. It's just like browsing at home.

  • by Anonymous Coward

    Now that's a mighty find report.

    Care to compare that rate VS Open Source ?

    Because my memory says Microsoft cuts off machines that are pirated so if you are unwilling to spend a month of ones cashflow for software just so you can get patches OR one can choose to eat, pay rent or property taxes, or electricity.

    This problem lies at the foot of Microsoft and their usary. Unless they can show that it doesn't by comparing Open Source boxes based on things like FreeBSD or any of the various GNU/Linux forkes suff

    • They addressed piracy briefly in the report, but they seemed confused by it:

      "the average piracy rate of countries in the low-CCM cluster was drastically lower than the other clusters. The implications of this observation are complex. Countries that do a better job managing cybersecurity may also do a better job mitigating piracy, or countries with higher piracy rates may have a more difficult time containing malware and other cyber threats."

      The purpose of the paper is to influence specific policy decisions, so apparently they can't see the obvious conclusion, that pirated software often comes with malware.

  • by QuietLagoon (813062) on Thursday February 07, 2013 @10:52AM (#42820035)
    But how can anything that Microsoft says about malware be trusted when Microsoft's own Security Essentials software has problems [informationweek.com] detecting malware?
    • > But how can anything that Microsoft says about malware be trusted when Microsoft's own windows OS can be classified as spyware/rootkit approved by clicking through a multipage EULA?

      FTFY

  • In poor countries the salaries are so low that people can not afford all the software they want. When you make 6000 US$ a year and only one of the application you need costs 2000 US$ , you resort to piracy. There are many cracked applications available in the WEB and most of them insert backdoor traps, trojans and worms.

  • by mmsimanga (775213) <(moc.liamg) (ta) (agnamismm)> on Thursday February 07, 2013 @11:02AM (#42820113) Homepage

    The reason is because anti-virus software on these computers is not updated. Reasons for not updating primarily revolve around how expensive it is to connect to the Internet. I don't live in my home country, Zimbabwe. When I did visit the one time I installed Ubuntu on the home PC because half the time the PC was unusable thanks to malware. I blogged about it here http://www.mahalasoft.co.za/blog/ubuntu-linux-experiment [mahalasoft.co.za] . The next time I visited, Windows XP had be reinstalled on the machine because that is what most of the "technies" knew back home, yes the PC was unusable again.

    • by qwe4rty (2599703)

      How is this modded insightful?

      If it's too expensive for them to connect to the internet to update their anti-virus, it's too expensive for them to connect to the internet and contract malware. That's where the majority of it is coming from. I don't doubt expense might be part of the reason (running unlicensed/unpatched windows machines or trying to find free software that comes riddled with spyware) but I don't see the connection you are making being the primary reason...

      • by mmsimanga (775213)

        In most cases the malware is transported to the unconnected PC via a USB stick that was used at an Internet cafe.

  • Rich countries have better education, news at 10.

  • correlated positively with many characteristics of wealthy nations – . . . higher broadband penetration
    • IMHO, much of the correlation with broadband and wealth may have to do with the security model of Microsoft: A multi-billion dollar industry building add-on malware protection that works largely by comparing incoming traffic to an ever-growing list of malware "signatures".

      To use one of these protection-and-cleanup services you need to do two things:
      - Pay a fee periodically. (The poor need not apply.)
      - Download an ENORMOUS table of new signatures from time to time. (Those without broadband

  • More Macs? LOL
    • by Mojo66 (1131579)

      +1 because the math is easy: 99.9% of all Malware lives on Windows, hence more Macs means less Malware.

  • It's in the title.
  • To make sure you're rich.

  • Most people here in Sweden depends on the internet to do stuff like paying bills, communicate with government agencies, school and what not. Virus infested PCs are often useless for that.
  • by Anonymous Coward

    Countries didn't become rich by accident.

    It's a combination of several things, starting with higher IQs [wikipedia.org] and then including things like rule of law, hygiene, political stability and emphasis on learning.

    In any part of the world, and in every ethnic group, you will find that some countries have broken away from the others and have generally higher intelligence, thus put a priority on things like stability, rule of law, infrastructure, etc.

    It's not an accident they're richer.

    In life, all things come down to th

  • by jaseuk (217780) on Thursday February 07, 2013 @12:27PM (#42820939) Homepage

    When the dodgy $1 Windows+Office disk comes complete with Malware this is really no surprise. I'm sure the $1 Norton disk also comes with free anti-virus+rootkit.

    Jason.

  • There are many reasons why malware is so rampant in poor countries.

    1. If majority of population cannot afford buying software legally, even those who can afford do not buy it, because they see no reason to pay relatively huge money for something that almost everyone gets for free. Piracy creates increases the risk not only because some pirated software may include malware, but automatic update is often disabled to prevent the pirated version being detected by the vendor.

    2. Old computers often mean that they

  • the linux malware numbers are probably minimal
  • This explains why they are always trying to move money out of these countries, the banks are riddled with malware over there.
  • Look at the spam and malware on your system (if any of the latter). Then do a whois on the IP that the spam and phishing comes from, the original received that has a real IP or domain name. Where do they want your money to *go*?

                mark "Nevada? Utah? California? Pennsylvania?"

  • Wow, Microsoft. Really?

    So you're saying that we can solve all of our problems with malware by simply.... becoming richer?

    We never thought about that. Thanks for informing us! We'll get right on that immediately!

    /snark

  • Cancer rates by country (Age-Standardised Rate per 100,000)

    Highest
    1 Denmark 326.1
    2 Ireland 317.0
    3 Australia 314.1
    4 New Zealand 309.2
    5 Belgium 306.8
    6 France (metropolitan) 300.4
    7 United States of America 300.2
    8 Norway 299.1
    9 Canada 296.6
    10 Czech Republic 295.0
    11 Israel 288.3
    12 The Netherlands 286.8

    Lowest
    50 South African Republic 202.0
    49 Albania 202.8
    48 Montenegro 204.3
    47 Romania 205.1
    46 Argentina 206.2
    45

  • I have worked in ICT ops & triage in the richest countries and the poorest. Without doubt the higher malware rate is a function of a lower standard of systems configuration and maintenance. It has nothing to do with the capital cost of the systems and everything to do with the availibility / cost of skilled administration. This scarcity means that functionally, the herd immunity threshold for malware in the localised information ecology is rarely crossed. As in epidemiology generally, different locali
  • Now we can test that model for prediction. EU brain dead leaders decided to cure the public debt crisis by austerity (instead of printing the money that is too expensive to borrow, raising taxes for the wealthier, or whatever alternative you prefer). This is killing the whole continent economy, drowning entire countries into poverty. Will we see a malware surge in Greece, Portugal, Spain?

Hacking's just another word for nothing left to kludge.

Working...