Youngsters prone to computer infections
Savvier users are worst culprits when it comes to online security, study suggests
It turns out that all those young technological whippersnappers may have a thing or two to learn from their grandparents when it comes to computer security.
The first clinical study on the effect of technology and human behaviour on malicious software, done by a researcher at Polytechnique Montréal, had some surprising results about some widely held assumptions that women and older people are more susceptible to computer infections.
There was actually no significant difference in exposure rates between men and women and, while just a few older people participated in the pilot study, they had fewer security issues than younger people.
In fact, it was the most computer savvy users who turned out to be the group most at risk.
Researcher José Fernandez sought to look more specifically at the ways in which behaviour affects computer security.
Most people know they shouldn’t open emails from unknown senders, for example, but even the most security-conscious users are open to attack through unknown vulnerabilities, and even the best security measures can be circumvented as a result of poor user choices, the study found.
These security breaches have led to a fraud industry that Fernandez said is estimated to be worth billions of dollars.
So it seemed worthwhile to him to assess the performance of anti-virus software and the likelihood that computers would become infected with malicious software, known as malware. His four-month study involved 50 participants who agreed to use laptops that were monitored for possible infections and user behaviour.
He acknowledges this isn’t a large study with definitive results, but considers it a starting point and is already planning a larger, more indepth study.
Still, the study yielded some interesting results.
Everyone who will be getting new computers or iPads for Christmas should know that, without anti-virus software, two out of five of them will be infected with malware by May 1.
The study showed that 38 per cent of users’ computers were exposed to malware and 20 per cent were infected, even those equipped with anti-virus software.
“No amount of technology is ever going to fix this problem,” Fernandez said. “There’s no silver bullet when it comes to computer security.”
There is, however, education, and he believes that may be the only way to influence users to change their behaviour.
There are several stages involved when computers are targeted for fraud, but the first stage is always infection and that was Fernandez’s concern because it usually involves an action, such as clicking on an email or within a website.
A popular trap these days is to lure people to websites by promising “royal baby” photos, he said.
It stands to reason, therefore, that people who spend more time on the Internet and are more interactive are also more likely to be infected, which may explain why the most savvy users were most at risk.
Fernandez said he believes that younger, more agile users lack the risk-averse instincts of the older generation — and that may be opening them up to security risks.
“Kids have much less restraint about privacy and don’t think about consequences,” said Fernandez, a computer science professor who is writing a book about computer security. “They might know that after midnight they shouldn’t walk in dark alleys, but they haven’t carried that mistrust over to the Internet.”
But their ever-cautious grandparents have.
“Whether it’s age or fear, older people have a different culture of risk,” Fernandez said in an interview.
But there is still much work to be done to have a greater understanding of the behaviours that are compromising computer security.
“I want to be able to tell governments and schools what works in terms of software and behaviour,” said Fernandez. “But we are just starting to scratch the surface of a very important issue.”