83 enterprises from North America, Latin America, Europe and Asia Pacific participated in a risk-free, 2-week security assessment that allowed Trend Micro to monitor an enterprise’s security environment and help them discover how, why and where security threats happen. Of these, 16 were from the education and health care sectors, the two sectors showing the highest rates of malware infection.
industry sector% of organizations with “very high” malware infection rate* Health Care 75% (n = 4) Education 33% (n = 12) Public Sector 22% (n = 23) Financial Services 14% (n = 7) Manufacturing 11% (n = 27) all industries 20% (n = 83)
* “very high” are those in the top quintile (>80 percentile) observed across all industry sectors.
Although the sample size is small, the health care sectpr exhibits significantly higher rates of malware infection than the other sectors. Trend Micro security assessors discovered that 75% of the health care organizations monitored had “very high” levels of malware infections in their networks. This contrasts with 20% "very high" for all sectors.
A possible factor in the health care sector's higher infection rate may be the relatively high number of uncontrolled internet-communicating devices used by visitors to hospitals and clinics compared to other industry sectors.
But not compared to universities, where uncontrolled student computers are the norm. Which brings us to the sector with the second highest infection rate: the education sector.
In the education sector, 33% of the monitored institutions exhibited "very high" malware infections rates. Possible causes here may be related to colleges having to contend with students bringing infected laptops into their networks, heavy usage of social-networking sites, pirated media and software programs that redirect to malware; and infected USB drives that students use to store files and homework assignments.
The Trend Micro security threat assessments used in this study utilize a non-invasive, listen-only appliance that doesn’t interfere with an organization's ongoing network operations. Trend Micro engineers quickly install the assessment appliance at the network layer on the core switch where it monitors network traffic to detect resident malware activities, such as botnets. The appliance also monitors inbound email and Web traffic to detect potentially infected messages and suspicious Web sites.
Key threats and indicators measured during assessments include:
- IRC bots - network worms - information stealing malware - malware downloads - accesses to malicious URLs
Anthony Arrott is product manager for security analytics at Trend Micro. Among other duties, he coordinates Trend Micro’s participation in external benchmark testing programs that measure the protection commercial security software products provide to their customers.
Arrott was Director of Threat Research at anti-spyware vendor InterMute, prior to its acquisition by Trend Micro in 2005. In 2007 Dr. Arrott led the project team for Trend Micro HijackThis v2.0 – enhancing the popular malware diagnostic tool originally developed by Merijn Bellekom. Dr. Arrott earned his degrees at McGill University and M.I.T.
What are other Premium Support Customers talking about? Learn more