It may seem counterintuitive if one considers malware infection to be opportunistic and therefore a numbers game—the more endpoints available, the higher the number of infections—but Microsoft has found that regions with the lowest malware rates on average had more personal computers in use per capita, higher health expenditure per capita, regime stability and greater broadband penetration.
Microsoft’s Security Intelligence Report (SIR) covers threat intelligence about malware trends globally on an annual basis, but the software kahuna has released a special edition, “Linking Cybersecurity Policy and Performance,” which cross-references malware data with more than 80 socio-economic factors across 105 countries.
“These new correlations and trends provide objective data for governments and policymakers – data that will help them make informed decisions to minimize cyber risks and support internet growth in their own regions,” Microsoft said, in an announcement.
The regions with the least amount of malware infections averaged about five computers cleaned of malware per thousand, compared to 18 computers cleaned per thousand for high-risk areas (on average, more than three times as much malware was found here than in the low malware regions).
“Understanding how we measure regional malware infection rates is an important piece to this puzzle,” explained Tim Raines, director of trustworthy computing at Microsoft, in a blog. “Using the raw number of systems reporting malware infections in each location around the world isn’t very useful in this context because this data is biased by differences in populations, sizes of personal computer install bases, the number of systems using Windows Update and Microsoft Update services, etc. The Microsoft Malware Protection Center normalizes regional malware infection rate data so we can more accurately compare the infection rates of countries/regions on an apples-to-apples basis. We call this normalized measure computers cleaned per mille (CCM). The CCM tells us how many computers are infected with malware for every 1,000 computers that are scanned by the Microsoft Malicious Software Removal Tool (MSRT).”
The study also found that low-malware regions, 43% of which were located in Western Europe, had a comparatively lower average piracy rate of 42% compared with a higher average piracy rate of 68% for high-malware areas, 52% of which were located in The Middle East and Africa.
Almost half of the low-malware countries had either signed a cybersecurity international treaty or a voluntary code of conduct, compared to lower than 10% of high-malware countries; and, the regions with the most malware on average typically had low literacy rates, low broadband speed and penetration and high crime per capita.
“Over the past several years I have had the opportunity to talk to customers and governments all over the world about the threat landscape and the data we publish in the Microsoft Security Intelligence Report (SIR),” said Raines. “During these conversations, regional malware infection rates always garner a lot of discussion. One of the most interesting questions I’m increasingly asked is what factors contribute to the differences in regional malware infection rates? Or what do regions with low malware infection rates do differently than regions with high malware infection rates?”
While there is much more work to do before those questions can be answered definitively, “this new study gives us a few more pieces of the puzzle by providing more insights into the socio-economic factors and public policies contributing to differences in regional malware infection rates,” Raines concluded.