A survey conducted by internet service provider America Online (AOL) found that 20% of home computers were infected by a virus or worm, and that various forms of snooping programs such as spyware and adware are on 80% of systems. Despite that, more than two-thirds of home users think they are safe from online threats.
The survey of home computers and their owners reveals a gap between users' perceptions and the prevalence actual threats on the internet.
That gap causes many home computer users to forgo security precautions such as anti-virus and firewall software, and could pose a threat to the integrity of sensitive personal and financial information, which survey respondents said they are increasingly using their computer to manage, according to a statement released by AOL.
The National Cyber Security Alliance (NCSA), a non-profit group that seeks to raise public awareness of cybersecurity issues, also helped conduct the survey.
Technical experts examined 329 home computers connected to the internet with either broadband or dial-up connections in September and October.
Participants were interviewed about their awareness of online threats. Following their interview, AOL technicians examined the firewall and antivirus settings on participants' computers and looked for virus infections and for the presence of spyware and adware.
More than 70% of those who participated in the survey falsely believed they were safe from viruses and online threats, even though almost 20% of those were currently infected by a virus and two-thirds (63%) acknowledged being infected in the past, the survey found.
Spyware was an even more common and under-appreciated problem than viruses, the survey showed. Spyware or adware programs were found on 80% of the computers analysed, with an average of 93% or adware components on the infected machines.
Spyware is a broad term that describes a category of programs, such as keylogging software, that illegally monitors a computer user's activity, often capturing and transmitting that information. Adware describes legally installed software, including web page "cookies", that track user behaviour such as web surfing, often for the benefit of online advertisers.
About 90% of those whose computers were infected with spyware did not know about the infections and did not know what spyware programs were, the survey showed.
In addition to widespread ignorance about computer threats, the AOL technicians found lax security on many of the systems they inspected. While 85% of those surveyed installed anti-virus software on their machine, 67% of those surveyed lacked up-to-date anti-virus signatures that could stop the latest threats, AOL said.
A majority of users, 67%, also go without firewall software that can protect internet-connected machines from attacks, AOL said.
Confusion about the purpose and necessity of security programs may be part of the problem. A majority of users said they did not understand what a firewall is or how it works, and 58% of those interviewed could not explain the difference between a firewall and anti-virus software, the company said.
Users surveyed also were confused or unaware of the symptoms of infections by spyware and other malicious code. For example, 63% of those with pop-up blocking software said they still receive pop-up messages. About 40% of those surveyed reported their web browser's home page or search results being changed without their permission - all classic symptoms of spyware or virus infection.
While those sobering numbers appear to suggest that security software makers are not reaching technically unsophisticated users, an NCSA representative said that user "complacency" was the biggest problem.
"A lot of people believe it's not going to happen to them," said Ken Watson, president of the NCSA. "Computer security is a shared responsibility."
Computer software makers are doing their part to make software products more secure, he said, citing the recent security improvements in Microsoft's Windows XP Service Pack 2 release.
The NCSA is backed by the US Department of Homeland Security and leading security software makers including Microsoft, RSA Security, Symantec and McAfee.
The group published a list of 10 cybersecurity tips on their website (www.staysafeonline.info) and is hoping that news of the survey prompts more users to visit the site and follow its guidance on protecting internet-connected machines, Watson said.
Better security on home machines is becoming more urgent as more individuals use computers for managing sensitive information such as financial and health data, AOL said.
As with the introduction of any new, widely adopted technology, increased computer use requires users to become more threat savvy, Watson said.
Paul Roberts writes for IDG News Service