An AOL survey has found that 20 percent of home computers were infected by a virus or worm, and that snooping programs such as spyware and adware are on a whopping 80 percent of systems. Despite that, more than two thirds of home users think they are safe from online threats.
The survey of home computers and their owners reveals a gap between user perception and the prevalence actual threats on the Internet. That gap causes many home computer users to forgo security precautions such as anti-virus and firewall software, and could pose a threat to the integrity of sensitive personal and financial information, which survey respondents said they are increasingly using their computer to manage, according to AOL.
The National Cyber Security Alliance (NCSA), a non-profit group that seeks to raise public awareness of cybersecurity issues, also helped conduct the survey. Technical experts examined 329 home computers connected to the Internet with either broadband or dial-up connections in September and October. Participants were interviewed about their awareness of online threats. Following their interview, AOL technicians examined the firewall and anti-virus settings on participants' computers and looked for virus infections and for the presence of spyware and adware.
More than 70 percent of those who participated in the survey falsely believed they were safe from viruses and online threats, even though almost 20 percent of those were currently infected by a virus and two-thirds (63 percent) acknowledged being infected in the past, the survey found.
Spyware was an even more common and under-appreciated problem than viruses, the survey showed. Spyware or adware programs were found on 80 percent of the computers analysed, with an average of 93 spyware or adware components on the infected machines.
Spyware is a broad term that describes a category of programs, such as keylogging software, that illegally monitors a computer user's activity, often capturing and transmitting that information. Adware describes legally installed software, including Web page "cookies", that track user behavior such as Web surfing, often for the benefit of online advertisers.
About 90 percent of those whose computers were infected with spyware didn't know about the infections and didn't know what spyware programs are, the survey showed.
In addition to widespread ignorance about computer threats, the AOL technicians found lax security on many of the systems they inspected. While 85 percent of those surveyed installed anti-virus software on their machine, 67 percent of those surveyed lacked up-to-date anti-virus signatures that could stop the latest threats, AOL said.
A majority of users, 67 percent, also go without firewall software that can protect Internet-connected machines from attacks.
Confusion about the purpose and necessity of security programs may be part of the problem. A majority of users said they did not understand what a firewall is or how it works, and 58 percent of those interviewed couldn't explain the difference between a firewall and anti-virus software, the company said.
Users surveyed also were confused or unaware of the symptoms of infections by spyware and other malicious code. For example, 63 percent of those with pop-up blocking software said they still receive pop-up messages. Around 40 percent of those surveyed reported their Web browser's home page or search results being changed without their permission - all classic symptoms of spyware or virus infection.
While those sobering numbers appear to suggest that security software makers aren't reaching technically unsophisticated users, an NCSA representative said that user "complacency" was the biggest problem. "A lot of people believe it's not going to happen to them," said Ken Watson, president of the NCSA. "It's like thinking that you're never going to get in a car wreck either, or get sick - they have the same attitude towards computer security. Computer security is a shared responsibility."
Computer software makers are doing their part to make software products more secure, he said, citing the recent security improvements in Microsoft's Windows XP Service Pack 2 release.
The NCSA is backed by the US Department of Homeland Security and leading security software makers including Microsoft, RSA Security, Symantec and McAfee. The group published a list of 10 cybersecurity tips on their website and is hoping that news of the survey prompts more users to visit the site and follow its guidance on protecting Internet-connected machines, Watson said.
Better security on home machines is becoming more urgent as more individuals use computers for managing sensitive information such as financial and health data, AOL said. As with the introduction of any new, widely adopted technology, increased computer use requires users to become more threat savvy, Watson said. "It's like the introduction of cars and new roads in the last century - people need to use them wisely and safely," he said.