Correlation between less malware and Convention on Cybercrime adherence, finds Microsoft research


The rate of malware infections in signatory countries of the Council of Europe Convention on Cybercrime tends to be lower than otherwise expected, finds newly released research (.pdf) from Microsoft that examines links between policy and computer infections.  

Countries with lower-than-predicted rates of computer infections, as measured by a model using statistics culled from use of the Microsoft anti-malware utility installed on Windows operating system machines, also have drastically lower levels of software piracy, Microsoft researchers say in a report released Feb. 6. In addition, 46 percent of countries with the lowest rates have signed onto the international spam-fighting London Action Plan.

Microsoft arrived at its conclusions by examining data from 105 countries and using correlative socioeconomic factors such as gross income and computers per capita, literacy rate and the rule of law as variables in a model predicting infection rates. The model has an R squared value of .68, meaning it's of only moderate predictive value, but still "a good starting point for this discussion," researchers say. They rated predicted performance against actual performance to classify countries into three groups--those out-performing their predictions, those satisfying them, and those falling below their predictive performance.

An acknowledged military cyber strategy is not an indicator of over-performance against the model, researchers say; although 51 percent of the out-performers have a strategy, so do 21 percent of the lowest performers.

Some of the model variables that showed a negative correlation with infection rates include computers per capita and research and development expenditure. That is, the higher the rate of computers per capita and R&D expenditure, the lower the rate of infection--although researchers are careful to note that the variables are of correlative, not necessarily causative, value.

Related Articles:
Cyber Europe 2012 revealed national and international cyber attack response holes
More countries to join Convention on Cybercrime, says State Dept. official
INTERPOL effort aims to harmonize cyber info sharing