Half China's Computers Infected by Malware, Study Finds
CREDIT: Sameboat/Public domain
China often gets blamed as the world's biggest hacker, but it may also be the world's biggest victim of cybercrime.
Nearly 55 percent of Windows PCs in China were infected with malware in 2012, said Spanish anti-virus software maker Panda Labs yesterday (Feb. 6) in its annual security report.
However, that conflicts with a Microsoft study, also released yesterday, that said Chinese infection rates were very low, less than half a percentage point, in the last quarter of 2011.
The wildly different numbers may say more about the two companies' different aims than about how infected China, or any other country, really is — and how difficult it is to compile accurate statistics relating to computer security.
Agreeing to disagree
Like China, the country's de facto independent province of Taiwan also ended up at different ends of the studies.
Taiwan had a 42 percent infection rate per Panda Labs, but was lumped in with the mainland on the lowest tier of Microsoft's rankings — 0.5 percent or less.
Both studies did agree on the rankings of certain countries.
South Korea, named by previous studies as the world's most malware-infected country, placed second in Panda Labs' figures, with a 54 percent infection rate. It was midway up Microsoft's scale, with infection rates of between 1 to 1.5 percent.
Likewise, Turkey placed high in infection rates in both studies, while Canada, Ireland and the Nordic countries placed very low.
The United States was midrange in both, with a 31 percent infection rate according to Panda Labs and a 0.5 to 1 percent rate according to Microsoft.
It's not completely clear why the Microsoft and Panda studies had such different results, since they both collected data from each company's widely installed software.
Part of the discrepancy can be explained by the different time scales. Microsoft's study covers a three-month period, Panda Labs' an entire year.
Yet Panda's reported infection rates aren't merely four times as large as Microsoft's — they're 30 to 100 times as large.
Another possible reason may lie in the size and composition of the samples.
Microsoft's numbers were compiled from 600 million installations of its free Malicious Software Removal Tool (MSRT).
The MSRT is an optional download, so its global distribution may vary country by country, but 600 million is a healthy sample size.
Panda's numbers came from its Collective Intelligence service, which collects data from users of Panda's free and paid security software.
It's hard to find just how big, and how evenly distributed, Panda's user base is. The company website states only that Panda's products have "millions of users located in 195 countries around the world."
It could be that the installation base of the MSRT, or of Collective Intelligence, or both, is very low in China, skewing the country's numbers.
As for the tools themselves, neither is a true anti-virus product. Collective Intelligence acts as a scout, detecting and reporting new malware threats to Panda Labs and its clients so that the company's anti-virus software can defend against the threats.
The MSRT is the opposite. It's the cleanup crew, removing malicious files that anti-virus products have detected.
It's easy to see how Collective Intelligence might overreport malware infection rates, since its job is to be safe rather than sorry.
Likewise, the MSRT might underreport those same rates, since it only swings into action when anti-virus software itself fails to remove malware.
For different folks
But ultimately, the real reason for the wildly divergent results may have to do with Microsoft's and Panda's business models.
Like other anti-virus companies, Panda is in the business of emphasizing the malware threat to computers, most of which run Microsoft Windows. To do a good job, it needs to find as many threats as it can.
Microsoft, on the other hand, wants to sell its operating systems, not dwell on how many threats those operating systems face.
Like Microsoft's anti-virus solutions, Windows Defender and Microsoft Security Essentials, the MSRT does an adequate but unspectacular job.
So which report can you trust? Neither, and both. Both reports provide useful and insightful information.
But as with most statistics, reports and other figures tossed around regarding computer security, it's best to always consider where the information comes from, how it was collected and what the party reporting it really wants to say.