British mi2g 12-month security audit

The British security research group, mi2g, has completed a 12-month security audit of almost 250,000 Windows, Linux and BSD/Apple run computers that had been broken into.

The results, and what was studied are very interesting.

First off, a couple of definitions:
“Digital breaches” are successful attacks on computers via software such as ‘worms’ - automated software with the intention of breaking into a computer so that it can perform it’s assigned functions.
“Manual breaches” are succesfull attacks on computer performed manually — that is, someone sat at a computer and succesfully broke into another computer some where else.

Ok, so, who does this report say has been hit?
“In 2004, 32.7% of all digital breaches were carried out against micro entities including home-based individuals with 24/7 online computers; 58.8% of all digital breaches were against small entities;…”

So the automated, or ‘digital breaches’ mostly target home and small office computers. Not surprising since these are the folks that know the least about this sort of activity.

Now, let’s go to “manual breaches”:
“The study also reveals that Linux has become the most breached 24/7 online computing environment in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded…”

The report then states that 25.19% of all breaches recorded were Windows computers, and just 4.82% of all breaches recorded were BSD/Apple targets.

First off, did you note the words “in terms of manual hacker attacks” in reading the above? It might even be worth your while to re-read the 2nd paragraph above now.

(For the uninitiated, Apple’s operating system is based on FreeBSD.)

Now what kind of numbers are they talking here. Well actually they didn’t, but to give you a vivid example of the ‘manual’ versus ‘digital’ breaches, last weekend ZDNet reported that almost 900,000 computers had been infected with the lastest Bagel worm, compared to the 65.64% of the manual breaches in 12 months being only 154,846 computers.

That is almost 1 million ‘digital breaches’ in three days compared to 154.646 ‘manual breaches’ in 365 days. To continue, I believe I could safely state that the odds of a digital breach (mostly Windows) over a manual breach (mostly Linux) are around 20-to-1.

And a quick note on where the problem lies:
“The recent global malware epidemics have primarily targeted the Windows computing environment and have not caused any significant economic damage to
environments running Open Source including Linux, BSD and Mac OS X.”

Kudos once more to BSD/Apple, and Linux.

What about government computers? Are the results similar? Nope.
“In a remarkable switch in top rank within the Government computing environment over the last twelve months, the most breached Operating System for online systems has now become Windows (57.74%) followed by Linux (31.76%) and then BSD and Mac OS X together (1.74%).”

Kudos to BSD/Apple again, and maybe the British government should think twice about putting Windows 2000 on those submarines? ;-)

As a final note, the report states that:
“…Windows has become the most breached computing environment in the world accounting for most of the productivity losses associated with malware — virus, worm and trojan — proliferation.”

“That pretty much spells it out…”