Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Botnet Security United States IT

US Reigns As Most Bot-Infected Country 121

Posted by samzenpus
from the we're-number-one dept.
Trailrunner7 writes "The US has by far the highest number of bot-infected computers of any country in the world, with nearly four times as many infected PCs as the country in second place, Brazil, according to a new report by Microsoft. The quarterly report on malicious software and Internet attacks shows that while some of the major botnets have been curtailed in recent months, the networks of infected PCs still represent a huge threat."
This discussion has been archived. No new comments can be posted.

US Reigns As Most Bot-Infected Country

Comments Filter:
  • I'm sure they failed to mention the OS with which most infected computers are running. :p

    • by DarkKnightRadick (268025) <the_spoon.geo@yahoo.com> on Wednesday October 13, 2010 @05:15PM (#33888430) Homepage Journal

      I take that back. Not only do they report which OS, but claim their count by how many computers their malicious software tool has cleaned. lol

      • by shadowbearer (554144) on Wednesday October 13, 2010 @06:45PM (#33889002) Homepage Journal

          Which is only a small fraction of the real infections out there. I've cleaned thousands of infected computers since MS introduced that tool, and I've yet to see one which the tool dealt with adequately.

          (Don't bother to say "Yeah, but if it dealt with it, you wouldn't see the computer!" If they really believed that tool was effective, then Microsoft wouldn't include the warning "you don't appear to have an antivirus solution installed" in their security center warning, now, would they?)

        SB

        • No kidding. And every last one of them, I'd imagine, is running some form of Windows. It's actually quite scary. The fact that MS can spin this good for themselves and people buy it? Even scarier.

        • Which is only a small fraction of the real infections out there.

          Indeed. But what the submission doesn't mention is that while the US may indeed have four times the number of bots of its nearest "rival", it also very likely has four times as many computers in total. In other words, a fairly pointless non-statistic.
          •   All statistics are pointless; because the numbers depend on who compiles them. Which is a small part of what I was trying to point out. ;-)

            SB

          • Re: (Score:1, Offtopic)

            by shadowbearer (554144)

            ...and many more computers running Microsoft products, as well.

            I'll probably catch hell for this here, but here's an example of programming stupidity that has irked me for a while, and I ran into when I tried to "friend" you (so that I'd see your posts, the whole reason for the "friend" modifier in the first place):

            You have over 200 friends and foes at the moment.

            Oh noes!!!!!!!!!!!

            I know it's an arbitrary number... but I haven't been able to friend/foe anyone for about five

            • by mcgrew (92797) *

              Subscribers get 400, which I found out a while ago when I tried to friend three people who friended me and couldn't friend them and mentioned it in my journal. One of them bought me a subscription! So now I have almost 300 friends, the same number of fans, no foes and almost 30 people who freak out when they see one of my posts.

              If you have a lot of foes, make the least bad ones neutral to free up space for friending.

              • If you have a lot of foes, make the least bad ones neutral to free up space for friending.

                If you have any foes at all, maybe you should get out more. Over the last decade or so, I've come across posters with whom I disagree completely enough to nudge me to rank them as a foe, only to find a few months later that they are talking complete sense on another topic.

                There's no reason why this forum has to be adversarial, and it would probably be better without this friend/foe claptrap.
                • by mcgrew (92797) *

                  I agree about the foes (I have none), but friending someone does have advantages, such as being notified when someone with interesting journals posts a new one. I friend fans out of simple courtesy.

                  At one time I figured that the few foeing me were probably trolls, until I looked up a few of them and found that they were all good, contributing members. It's a mystery to me except one guy; there was a subthread where I mentioned that I stayed away from married woman but considered any unmarried woman fair gam

  • by Anonymous Coward on Wednesday October 13, 2010 @05:19PM (#33888462)

    Eat that China. You suck!

    • Not so fast. Looks like the main sources of data are MS security tools like Windows Defender, MSRT, Microsoft Security Essentials etc which are available only if you have a licenced copy of Windows. As far as I know there is no such thing as a legal copy of Windows in China.
  • I read the TFA (Score:4, Insightful)

    by OzPeter (195038) on Wednesday October 13, 2010 @05:21PM (#33888478)
    But after a short glance I still couldn't see if this is a "per computer" basis for the country or simply a "total pwned" basis.
    • Re:I read the TFA (Score:5, Informative)

      by Unoriginal Nick (620805) on Wednesday October 13, 2010 @05:24PM (#33888506)
      The US is most in absolute numbers. In rate per 1000, Turkey [microsoft.com] has the highest rate.
      • by hedwards (940851)
        Numbers that haven't been normalized are terribly uninformative. I'm sure that per 1000 isn't the best way of doing it, however it's a lot more useful than going with the gross number. Especially since the US is the 3rd largest nation by population behind India and China with Indonesia right behind us.

        It would be almost impossible for us to ever be behind a nation like Switzerland which is substantially smaller than us, regardless of policies in place. Given that we've probably got more computers infecte
      • There's the point about licensed copies of Windows involved made elsewhere in the thread, but besides the absolute count vs. rate point, the impression given is that a large number of bot activity emanate from US computers compared to other countries.

        There is other bot activity such as generating email or probing networks to infect other computers that I don't see, but I can tell you it isn't forum board spamming coming in large numbers from US computers. It comes

    • Re:I read the TFA (Score:5, Informative)

      by T Murphy (1054674) on Wednesday October 13, 2010 @05:31PM (#33888560) Journal
      The actual Microsoft report has a map [microsoft.com] that is far more informative than the article itself. As expected, Brazil has a higher infection rate than the US, with the US only leading by gross number of infections. Of course, this data is just number of infections detected and cleaned- it isn't necessarily a complete survey. From the site where the map is given:

      Figure 15 [the map] shows the infection rates in locations around the world using a metric called computers cleaned per thousand, or CCM, which represents the number of reported computers cleaned for every 1,000 executions of the MSRT.

      The actual site is here [microsoft.com] if you want to get straight to the information (link is also given in the article).

      • by orient (535927)
        The map is missing a continent! (Antarctica)
      • You know what's insightful on that map? You see white spots. And then map those over real countries. Bang! There's North Korea, the most internet-free, Microsoft-free, infection-free country in the world! Also Sudan and Iran. Interesting...
      • It needs to be noted that Brazil has a much higher rate of use of Linux than the USA. It is certainly high enough to skew these statistics and might be high enough that, if it were taken into account, would cause Brazil to fall out of worst place.

        Of course there is the notoriously difficult problem of assessing how many persons are using Linux, so there is probably no way to estimate the penetration of malware in all computers in use.

      • by ginbot462 (626023)

        I notice viruses don't cross over into Canada. The border guard is doing a great job not allowing export of a military grade infections. That, or the mounties and socialized medicine are doing great jobs at protecting computers.

        And that is amazing since MS is so prevalent in Canada.

        http://www.cbc.ca/health/story/2008/09/18/f-multiple-sclerosis.html [www.cbc.ca]

    • Re: (Score:1, Offtopic)

      by Jaime2 (824950)
      Yep, "total infections" is as poor a number as "most stolen car". Sure, a Honda Civic is the most stolen car, but that's because it is the most popular car and does nothing to describe either the effectiveness of the loss-prevention the habits of Honda Civic drivers or how likely your Honda Civic is to be stolen. It doesn't even help you choose a new car, it's likely that the most theft-proof car is somewhere in the middle of the list because it is a high value target (otherwise why would the manufacturer
      • by socsoc (1116769)
        You had a good point and then went way off on a tangent.
        • by Jaime2 (824950)
          But how much juice does this topic really have? If somebody doesn't get us off on an interesting tangent, this thread will become nothing but a series of "Windoze" and tounge-in-cheek "Go USA" jokes.
        • by lxs (131946)

          Yeah but bonus points for using a car analogy.

    • by c0lo (1497653)
      From the point of view of a site under DDoS originated from a botnet, I don't think the "relative percentage of zombies to the total number of computers in a certain country" matters too much - a pwned computer is a pwned computer no matter if it is "one in two" or "one in 1000".
  • I blame Window#BUY TIX NOW 4 SALE only $19,99 in America dollar! Extra fine speci4l sauce extra.

    You give gold, please.

  • At least throw in some off-the-wall super-twisted headline. How's a post like this supposed to generate views and comments other than tired old rants like this?
  • Quick Question (Score:5, Insightful)

    by Monkeedude1212 (1560403) on Wednesday October 13, 2010 @05:24PM (#33888504) Journal

    How many computers total are in the US compared to other countries of the world?

    Simple counts don't cut it in the real world of statistics.

    I bet 100% of Canadian computers could be infected and we still might not beat out the US. Considering the Population of California alone is greater than our national population (or at least it was last time I checked).

    • by tacarat (696339) on Wednesday October 13, 2010 @05:33PM (#33888568) Journal
      Real statistics don't cut it in the world of headlines.
    • this (Score:4, Interesting)

      by buddyglass (925859) on Wednesday October 13, 2010 @05:37PM (#33888588)

      Exactly. Here [microsoft.com] are Microsoft's statistics after computer prevalence is taken into account. Quote from that page:

      Among locations with more than 200,000 executions of the MSRT in 2Q10, Turkey had the highest infection rate, with 36.6 computers cleaned for every 1,000 MSRT executions (CCM 36.6). Following Turkey were Spain (35.7), Korea (34.4), Taiwan (33.5), and Brazil (25.8). All have been among the locations with the highest infection rates for several periods.

      Locations with the lowest infection rates include Belarus (1.3), Bangladesh (1.5), Sri Lanka (1.8), Tunisia (1.8), and Morocco (1.9).

      Given the very low infection rate of most of Africa, though, something tells me Microsoft's "CCM" metric may not perfectly reflect real infection rates.

      • Re: (Score:1, Interesting)

        by Anonymous Coward
        1) The highest country had only a 3.66% detected infection rate. I think this really shows how ineffective the malware removal tool is. Judging by the non IT run computers that I come in contact with, approximately 100% are filled to the brim with toolbars, random processes, and odd start up programs. 2) Africa's number is only so low because you can't cure AIDS.
        • by tlhIngan (30335)

          The highest country had only a 3.66% detected infection rate. I think this really shows how ineffective the malware removal tool is. Judging by the non IT run computers that I come in contact with, approximately 100% are filled to the brim with toolbars, random processes, and odd start up programs.

          Except, it isn't.

          MSRT (Malicious Software Removal Tool) is NOT an antimalware/antispyware/antivirus solution (Microsoft's version of that is called Microsoft Security Essentials). MSRT is a small tool run once eve

    • by martin-boundary (547041) on Wednesday October 13, 2010 @06:04PM (#33888740)

      Simple counts don't cut it in the real world of statistics.

      Huh? It entirely depends on what the statistics are being used for. Simple counts are useful when the amount of activity is proportional to the population size.

      For example, with a botnet, it's the absolute number of bots that matters, because the bots in a botnet are interchangeable (it doesn't matter where they're located, or what processor they're running, etc).

      So if you're going to propose botnet solutions on a per country basis, then you want to know which country has the greatest number of active bots, not the country which has the greatest percentage of infectected computers.

      • by c6gunner (950153)

        So if you're going to propose botnet solutions on a per country basis, then you want to know which country has the greatest number of active bots, not the country which has the greatest percentage of infectected computers.

        Um, no. That only works if your "solution" is to sever the affected country from access to the internet. Otherwise you still care more about percentages, because as the percentage level decreases your efforts to combat the problem quickly run afoul of the diminishing returns.

    • by SkeeZerD (972760)
      Isn't Canada just another state? I thought canadians were just americans trapped under the maple leaf.
    • by c0lo (1497653)

      How many computers total are in the US compared to other countries of the world?

      If your site is under attack from a botnet, do you care much if a zombie is Canadian or in US?

      • How many computers total are in the US compared to other countries of the world?

        If your site is under attack from a botnet, do you care much if a zombie is Canadian or in US?

        Well, I much prefer the overly polite Canadian zombies, myself....

  • by Anonymous Coward

    Our Federal Department of Cyber Defense is as effective as tepid jello against spammers and spambots.

  • True measure (Score:5, Insightful)

    by javelinco (652113) on Wednesday October 13, 2010 @05:31PM (#33888552) Journal
    This report is not a good measure of anything. It only counts botnets cleaned by Microsoft's program, and it doesn't talk about infections per capita. It measures nothing, and is pretty close to useless. Yay. Okay, that's not totally fair - there is useful information in it. But the article has very little of that information, and the summary has none of it. Now, yay.
    • Re: (Score:3, Insightful)

      Absolutely true -- any estimate of total botnet populations that isn't in excess of 100 million can safely be disregarded as the product of either (a) poor methodology or (b) creative public relations.

      Moreover, since these statistics are allegedly based on the number supposedly cleaned up, they've severely biased toward "systems which happen to have the appropriate cleanup tool installed AND which happen to have malware that the cleanup tool knows about". Given that the bad guys have copies of the cleanup

    • ...the article has very little of that information, and the summary has none of it.

      The first rule of Slashdot.

  • Numbers... (Score:3, Insightful)

    by citoxE (1799926) on Wednesday October 13, 2010 @05:37PM (#33888590)
    The reason more Americans are infected is because of the sheer amount of computers we have. As others have noted, it's really the percentage per 1000 that are infected that really count. I would bet that most people nowadays have more than one PC in their home, so the statistics are skewed if no one is playing by the same rules.
    • by Tanktalus (794810)
      How about those of us running multiple VM's on a single box? I'm sure that skew is being ignored, too :-P
    • Re: (Score:2, Funny)

      by Anonymous Coward

      percentage per 1000

      Idiot

  • IT staff (Score:3, Interesting)

    by NetNed (955141) on Wednesday October 13, 2010 @05:38PM (#33888596)
    Could it be from the down playing of hiring a proper IT staff that actually knows what they are doing, or paying a professional that knows how to properly remove and repair things? Sure most reading this know to run scans of up to date tools to remove infections on PC's, but in my experience most put up with it till performance is to the point of crippling the PC or network. Then a outside IT is called in and sometimes is treated like they are somehow to blame for the issues they are experiencing and try and use that as an excuse for not hiring a real IT person that actually knows what security is about. Of course this is for smaller sized business, but I have seen things as stupid as this in larger sized companies that think they are really saving something by having a secretary or high school kid run their network.
    • Re:IT staff (Score:4, Informative)

      by david.emery (127135) on Wednesday October 13, 2010 @07:21PM (#33889202)

      It's clear from my experience that you need a competent IT staff to run a network of Microsoft machines.

      It's also clear from my experience that a reasonably intelligent group of Mac users do NOT need the same level of help. That's not to say they never need "professional experience," rather to point out that a single trained Mac IT support person takes care of a LOT more installations than a trained Windows IT support person. In the company I used to work for, I think that number was about 25-1; there were 2 Mac people supporting an installed Mac user base of several hundred in a department of, I don't know, 25-50 maybe for a Windows installed base of several thousand. Now some of those people did servers, routers, etc, and not just desktops.

      Running a server, whether Windows, Mac OS X Server or Linux, requires a deeper level of training, experience and time investment.

      • by sirsnork (530512)
        So, let me get the striaght...

        It takes 2 people to take care of about 200 Macs, and ~30-35 people to take care of 2000 Windows machines, of which some are servers, and you admit some of those take care or network/firewall/routers etc. To me that looks like your desktop support people are almost exactly equally distributed between Mac and Windows, about 1/100 with the rest of the Windows guys running the servers and the network.

        Honestly I'd say those numbers are pretty good overall from a machine per t
  • So can someone explain why this is news? Sounds more like it reflects the number of computers in the country!
  • China gave birth to 4 times as many babies as the US in 2010, so obviously they just love making tons of babies over there.
  • Forgive my ignorance on the subject matter, but why can't we fix this?

    Is it because the infected machines have no anti-virus or anti-malware? Would a free AV program installed on the maxhine fix the problem on an individual machine?

    Is it because it is too hard for most AV programs to detect a Bot?

    Is it because there are too many older computers that don't have a supported AV solution?

    Could a free AV check on the most popular homepages (google.com, yahoo.com, live.com, etc) inform users that they are potenti

    • by hedwards (940851)
      The main reason is that we just have more boxes than any other country. But beyond that it's primarily and issue of ignorance in the people using the machines. Our users aren't the worst in that respect, but they could use a lot more education. I've personally not ever had any trouble, but then again, I run anti-malware protection and a sandbox and I'm mindful of where I go play.
    • The problem isn't cleaning up the malware, the problem is preventing it from getting back there shortly afterwards. No anti-malware tool will help if the OS permits applications to run outside the sandbox - even if it asks for user permission to do so, casual users will happily click on "yes" the requisite amount of times to see the promised boobs (or whatever). The only true fix is iOS-style walled garden where the OS does not let the user make security decisions at all (and hence make mistakes about them)

  • Seriously, this should be a holiday or something... when everyone reformats and goes back to a clean install. Good bye botnets, at least for quite a while...Too bad, as a species, we don't seem capable of this kind of synchronization.
    • by Merls the Sneaky (1031058) on Wednesday October 13, 2010 @08:31PM (#33889614)

      Too bad, as a species, we don't seem capable of this kind of synchronization.

      Actually as a species we are quite capable of synchronisation, the problem is people only synchronise of trivial bullshit EG: sporting events.

      • All work and no play makes Jack a dull boy....

        Seriously /.'ers, there are people out there that don't consider computer maintenance as a fun thing to do. I know, it's blasphemy, but variety is the spice of life.

      • Yes, did my statement "this kind" not attempt to say that?
    • by hedwards (940851)
      Humans are predominantly a herd animal. Most people want to do whatever other people are doing and it's really scary once you start to notice it. One of my friends used to volunteer for campaigns and one thing she'd be responsible for at times was starting the applause. Which meant being doing the first three or four claps that started everybody else clapping.

      I wasn't there, but I have observed the phenomenon myself and I don't think that there's any way of looking at it which isn't terrifying.
  • Not flamebaiting, just actively curious.
  • by Anonymous Coward on Wednesday October 13, 2010 @07:54PM (#33889432)

    Sorry to disappoint the USA #1 fans, but it should have read: The U.S. has by far the highest number of bot-infected computers of any country in the world, with nearly four times as many infected PCs as the country in second place, Brazil, according to a new report by Microsoft, until Microsoft's malicious software removal tool cleaned up said computers so those stats are no longer valid.

  • I am so sick of my mother's computer getting owned. Lay off the warez and porn sites ma.

    What the hell can I do so she'll stop calling me for tech support when her computer starts acting like Robin Williams on crack every other week?

    • Re: (Score:3, Funny)

      by cbiltcliffe (186293)

      What the hell can I do so she'll stop calling me for tech support when her computer starts acting like Robin Williams on crack every other week?

      Next time you show up to fix it, act like Robin Williams on crack.

    • by s_p_oneil (795792)

      Here are a few options:

      1) Don't give her an admin account. If she's using XP or higher, give her a "guest" account. She won't be able to install anything, but that's a good thing the next time she clicks on a trojan or visits a web site that tries to silently install something. She'll still get viruses, but if they can't break out of her user folder, they can be cleaned off by simply logging on as the administrator and renaming her user folder (so you can move her documents and favorites to the new user fol

  • COMMON GUYS! This is a website that is *supposed* to consist primarily of intelligent people and nobody asked the important question, or pointed out the moronic flaw!

    Of course the US will have the highest absolute number of infected computers, we have the highest number of computers period! This is only relevant if we have the highest PERCENTAGE of infected computers. if 10% of our computers are infected and 100% of canada's computers are infected, we still probably have a lot more infected computers than

  • There are a lot of privately owned Windows boxes in the USA that have fast internet connections and excessive amounts of CPU and RAM. This combination is surely juicier than the kind of specs and connections and (importantly) volume you can get in most other places. I would be shocked if first-world countries with large tech sectors were not the biggest source of compromised computers.

  • This is the best Microsoft achievement. Keep running Windows ...

Never tell people how to do things. Tell them WHAT to do and they will surprise you with their ingenuity. -- Gen. George S. Patton, Jr.

Working...