Monday, October 18, 2010

Microsoft maintains pressure on U.S. to step down as leader in global infected devices

Security experts continue to frighten internet users in the U.S. with a number of studies emphasizing the dangers of surfing the web in the country.

Microsoft is behind the latest research that portrays the internet in the United States as a minefield. Not long after Sophos published its "Dirty Dozen" report that showed the U.S. led all other countries by at least 11 percent in spam production, Microsoft released research that found the United States also contains the highest number of infected PCs in the world.

The study found more than 11 million PCs in the U.S. were infected with botnets from January to June this year. The most recent research indicates consistency in the most infected countries, as the U.S., Brazil and China were at the top for Microsoft's second consecutive report.

The combination of increasing email spam and a global lead in botnet infection has made for dangerous grounds in the United States. Botnets are typically distributed through spam emails, which are largely sent from unsuspecting email users' accounts without their knowledge of an infection. Botnets are especially dangerous because they secretly infect computers and allow cyber criminals to control them from a remote location. This gives them access to sensitive information and allows them to turn the infected computer into a launch point for further spam emails.

For Microsoft, the research reiterates one of its executives' calls for an internet quarantine system. Last week, Scott Charney, corporate vice president for trustworthy computing at Microsoft, wrote an extensive company blog post detailing a proposed quarantine system to cut off infected computers from internet service. Because botnets are largely delivered through spam emails sent from other infected devices, Charney's proposal would, theoretically, substantially reduce the number of infected devices. Hopefully, for Charney and Microsoft, such a move would change the country's reputation as a hub for infectious malware to a worldwide security leader.

"Just as when an individual who is not vaccinated puts others' health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society," Charney wrote.

However, as Charney and other security experts agree, devices in the United States are more susceptible to infection than innovative in security. Even the outdated Conficker worm, which has been in the wild since 2008, is still the most common malware found among the 600 million devices involved in Microsoft's study. The research found more than 20 percent of the devices involved were linked to Conficker.

With the emergence of Stuxnet and Zeus malware posing significant security threats lately, web users in the United States don't seem to be heading for clear waters, even if the Conficker worm becomes less prevalent. The only available protection, security experts explain, is keeping security software up-to-date and practicing safe email and web surfing behavior.