Microsoft Divulges How Socio-Economic Factors Have Direct Relationship with Malware Infection Rates

There are virtually countless factors that come into play when it comes to malware infection rates in certain areas of the world. With that said, Microsoft recently did a comparison where they relinquish how socio-economic factors have a big influence on certain countries or geographic regions having higher malware infection rates than others.

In a Special Edition Microsoft Security Intelligence Report: Linking Cybersecurity Policy and Performance, it is revealed how patterns or policies are used to help distinguish countries with differentiating cybersecurity levels. The report methodology was broken down in a blog post by Kevin Sullivan, principal security strategist at Microsoft Trustworthy Computing and author of the report.

One aspect of numerous reports and studies conducted by Microsoft over the years as always raised the curiosity of consumers to know what factors contribute to the differences in regional malware infection rates. For a more specific answer to this very question, Trustworthy Computing's Global Security Strategy and Diplomacy team took an examination of 34 socio-economic factors to uncover socio-economic influence among malware infection rates.

In the examination, many factors such as gross income, mobile penetration, literacy rates, computers per capita, Facebook usage, political and economic stability in the regions, political stability, economic stability and many others were considered as the criteria. This data was compared against malware infection rates for a total of 105 countries. Figure 1 below shows the infection rates color coded where the darker colors represent higher infection rates in those regions of the world.

Figure 1. Infection rates by country/region in 4th quarter 2011 - Computers Cleaned per Mile - source: Microsoft

With such data and criteria for the examination, it was determined that the best performing countries had an infection fate of 5 machines infected per 1,000 scanned. The worldwide average hovers around 8.9 infected systems per 1,000 scanned. Of these countries, 43% were located in Western Europe, 29% in Central and Eastern Europe and 17% in Asia Pacific.

Figure 2 puts infection rates in the United States in perspective based on several criteria in the region. This data can be directly put in comparison with other areas of the world for a constructed baseline of how social-economic conditions affect malware infection rates.

Figure 2. United States socio-economic factors examined in Microsoft's study during 4th quarter of 2011 - source: Microsoft

On the other end of the spectrum, countries with lower rates of malware infections also had low levels of software piracy. This is not really a big surprise considering software piracy and cybercrime most often go hand in hand. Poorer performing countries had an infection rate of 18 infected systems per 1,000 scanned. The majority of high-infection rate countries had a concentration in the Middle East and Africa making up 52% while Asia Pacific had 21% followed by Latin America with only 10%.

Microsoft also added a break down for countries in African and the Middle East having a high piracy rate of 68%, well above the "better performing" areas in the USA and Western Europe. Peer-to-peer file sharing sites, known for distribution and sharing of low-class software and the culprit for countless malware infections, was found responsible for a high number of infections. Microsoft said, "This is unsurprising, as pirated software poses a serious security risk to its users." Basically, these are our exact sentiments considering the track record of peer-to-peer sites and being a major player in the spreading of malware.

It is believed by Microsoft that it may not be a direct correlation between infection rates and online piracy; however, they believe there are foreseen benefits to protecting intellectual property.

In the full spectrum of social-economic conditions playing a part in malware distribution, you have regulations in some regions that could throw a virtual wrench into some assumptions without acquiring additional information first. The commonality throughout the data will show that countries with lower infection rates shared various regulations, such as regional policy parameters and legal authority to prosecute cyber-criminals after an authorized investigation. The Microsoft report reveals that a whopping 51% of countries who performed better than average had a formal strategy in place for regulations while 21% of low-performing countries had the same.

In the end, it is apparent that policymakers have a strong-hand in both ends of the socio-economic spectrum. The impact is clearly evident and may emphasize to law-makers to do more to crack down on certain aspects of cybercrime to ultimate abolish high malware-infection rates in virtually any economic condition.