A study of home PCs in the US has found that about 80 percent had been infected with spyware almost entirely unbeknownst to their users.
The study, funded by America Online and the National Cyber Security Alliance, found home users mostly unprotected from online threats and largely ignorant to the dangers. AOL and the NCSA sent technicians to 329 homes to inspect computers.
"No consumer would walk down the street waving a stack of cash or leave their wallet sitting in a public place, but far too many are doing the exact same thing online," Tatiana Gau, AOL's chief trust officer, said in a statement. "Without basic protections like antivirus, spyware and firewall software, consumers are leaving their personal and financial information at risk."
Nearly three in five users do not know the difference between a firewall and antivirus software. Desktop firewall software regulates which applications on a PC can communicate across the network, while antivirus software detects malicious code that attempts to run on a computer, typically by pattern matching. Two-thirds of users don't have a firewall installed on their computer, and while 85 percent of PC owners had installed antivirus software, two-thirds of them had not updated the software in the last week. The study found one in five users had an active virus on their machines.
"Protecting the safety of our technology infrastructure means protecting the computers of individual Americans," Dan Caprio, deputy assistant secretary for technology policy at the US Department of Commerce, said in a statement. "This study highlights just how important it is for individual Americans to take their cybersecurity seriously, not just as a matter of personal safety, but as a matter of our country's security as well."
The comments underscores the Bush administration's position -- as outlined in the National Strategy to Secure Cyberspace -- that the nation's cybersecurity by necessity has to rely on every computer owner to secure their own system. Yet, the study highlights the fact that most home users do not understand the risks involved in connecting their computer to the Internet nor how to secure their systems.
The 329-person study found that, while eight of 10 users had spyware, the vast majority of them -- nearly 90 percent -- had no inkling that their systems had picked up a digital hitchhiker.
Spyware can allow unknown intruders steal important personal or financial information from victims' computers, and some allow the attacker to have full control of the systems. When networked together, the systems can from a digital army, known as a botnet, that can be used to attack other networks.
Educating users about such threats is one of the initiatives called for by the United States' National Strategy to Secure Cyberspace. Microsoft has also added enhanced security to its Windows XP operating systems in its Service Pack 2 update.
Talkback
It is difficult to distinguish some marketing research tools from spywares. As president Bush needs support from ad firms, very limited choices are left for the US government.
I would suggest that it is NOT the home PC,
but the operating system that it runs, that puts
cybersecurity at risk. And a certain ubiquitous
software vendor should be held far more responsible for the deficiancies of their product.