“Regional cyber vulnerabilities are not linked to any single factor”, Rains said, “but to a variety of different socio-economic factors”.
Data from the Microsoft Security Intelligence Report, Volume 15 shows that there is a combination of up to 34 factors (mainly socio-economic in nature) that influence any region. “Malware infection rates are much higher in regions where there are raised levels of strife and turmoil. Political protests and unrest lead to an increased malware infection rate, for example”, Rains explained.
The data for the Gulf States –Bahrain, Kuwait, Oman, Qatar, Saudi Arabia and the United Arab Emirates – shows infection rates of 10 to 12.9 computers per thousand. This, on average, equates to twice the worldwide average.
The other Middle East countries, however, are almost five times the world average. Infection rates for Egypt, Palestinian Authority, Syria, Pakistan and Iraq range between 25 and just over 30 computers per thousand. “Turkey has one of the highest infection rates in the world, with Trojans particularly prevalent”, Rains told Infosecurity.
In Brazil, he explained, “infection rates have come down as regime stability improves detection rates.”
Whilst developed countries may see lower infection rates, the exploit rate doesn’t necessarily correlate, said Rains.“In the US, exploit rate is higher than the worldwide average.”
Microsoft has identified 11 factors as key elements in contributing to the health of a country or region’s security posture. Those that relate to institutional stability are government corruption, rule of law, stability of regime and literacy rate. Other factors can be categorised according to digital access and economic development.
In his presentation at RSA on the same topic, Rains identified best practices of countries with low infection rates:
- Strong public – private partnerships aimed at driving down infection rates.
- CERTs, ISPs and others actively monitoring for threats in the region.
- An IT culture where system administrators respond rapidly to reports of system infections or abuse.
- Enforcement policies and active remediation of threats via quarantining infected systems on networks.
- Regional education campaigns and media attention.
- Low software piracy rates and widespread usage of Windows Update/Microsoft Update.