Even as botnets surge, half of Australians believe malware poses no risk: ACMA

One in 10 Australians still don't have security software installed and 49 per cent believe they will never be a victim of malware, according to new research from the Australian Communications and Media Authority (ACMA).

The findings, contained in the report Malware and Harmful Software: Consumer Views on Software Threats and Use of Protections, are at odds with the reality of malware infection in Australia: ACMA’s Australian Internet Security Initiative (AISI), which tracks incoming traffic for malware on behalf of Australian ISPs, is reporting 35,500 infected Australian IP addresses to ISPs every day.

“While it is difficult to accurately assess the amount of malware in circulation, the ACMA is identifying and reporting record numbers of malware infections under its vital AISI program,” ACMA's deputy chairman and cyber security spokesman, Richard Bean, said in a statement. “These alarming results indicate Australian internet users need to be more vigilant in protecting their computing devices from malware.”

Indeed, recent research from Trend Micro found that Australia hosts more malware botnet command-and-control (C&C) servers than any country except the United States – with one in 20 of all C&C servers located on compromised Australian computers.

Although Australia’s overall information security spend is growing rapidly, the results of the ACMA survey confirm many end users still have a much different view on the real risk of malware.

The results, which were collected by Roy Morgan Research in four focus groups and a phone survey of 1500 Australians aged 18 years and over, paint a glum picture of user security: for example, 10 per cent of users reported having no security software at all and 8 per cent have security software but don’t regularly update it.

Despite the low security profile, users are increasingly active online, with 88 per cent reporting they give personal or financial information online, 77 per cent using the Internet to bank, 75 per cent using it to shop, and 73 per cent using it to pay bills. Fully 63 per cent of users admit sharing their details on social networks, with mobiles used for social networking by 56 per cent of respondents compared with just 31 per cent using mobiles to bank, shop or pay bills.

Half of users said it was unlikely or highly unlikely that malware could let others use their computer to send out spam or redirect users to fake websites, while 43 per cent said it was unlikely or highly unlikely that malware could affect the way their systems operate.

Younger users were generally less aware of the risks of being online, with 60 per cent of 18-24 year olds saying it was unlikely someone else could use their computer to send out spam or redirect them to fake Web sites; by contrast, only 46 per cent of 50-64 year olds said such a result was unlikely.

Sixty-two percent of 18-24 year olds said it was unlikely that malware could steal their personal or financial information, compared with 43 per cent of 35-49 year olds.

Younger respondents were also less likely to keep their protective software, browsers, and general applications up to date, or to immediately delete emails from unknown sources. They were also less likely than older respondents to not click on email links from unknown senders, with just 75 per cent saying they knew not to do so – compared with 87 per cent of 35-49 year olds.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the CSO newsletter!

Error: Please check your email address.

Tags Australian Communications and Media Authority (ACMA)malware

More about CSOmobilesMorganRoy MorganTrend Micro Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts