Executive Summary of the Study on Information Security and e-Trust in Spanish Households

1st four-month period of 2012 (18th wave)

NATIONAL INSTITUTE OF COMMUNICATION TECHNOLOGIES

Objectives and methodology

OBJECTIVES OF THE STUDY Compare the perception of user security with the reality of the equipment. Analyse the seasonal evolution of security and e-trust indicators. Guide public initiatives and policy to improve security and generate a climate of trust towards the Information Society
OPINION

STUDY METHODOLOGY
Online panel

REMOTE AUDITING

iScan

Four-monthly survey of users

Monthly scan of equipment

n = 3,646 (1st four-month period 2012) n = 63,800 (from Dec. 2006) 18 data collections

7,723 devices (1st four-month period 2012) 202,874 devices (from Dec. 2006) 60 data readings

Perception vs. Reality

(Evolutionary readings)

Summary
Sample Population Internet users of 15 years of age and above with frequent access to the Internet from home. Sample 3,646 users surveyed 7,723 remote analysis of 2,643 devices Sample distribution Multistage sampling segmented by autonomous region and by size quotas for home, age, gender, business activity and home size. Information collection Online interviews. Online analysis of computers Fieldwork January to April 2012 Sampling error Based on the simple random sampling criteria for dichotomous variables in which p=q=0.5 and for a confidence level of 95.5%, a sampling error has been established of 1.62% for n= 3,646.

Contents

Main results
Study on information security and e-trust in Spanish households
1st four-month period of 2012 (18th wave)

Security measures Security behaviour habits Security measures and incidents in households with minors Security incidents Consequences of security incidents and reaction of users E-trust in Spanish households Final conclusions

NATIONAL INSTITUTE OF COMMUNICATION TECHNOLOGIES

http://observatorio.inteco.es
4

Main results
Security measures
Antivirus and firewalls continue to be the most used security tools (90.7% and 76.6% respectively). Non-automatic measures are dominated by password use (77.5%) and removal of cookies and temporary files (71.3%). Significant use of a user without privileges by users of Windows 7 (73.9%) and Windows Vista (85.8%).

Security behaviour habits

Browsing: The percentage of users who use an antivirus for all their downloads has increased by 12 points in one year. Social networks: The percentage of users who limit the access to their information has continued to increase. Risky behaviour: The percentage of users who consciously adopt risky practises continues to be approximately 30%.
5

Main results

Measures and security incidents in households with minors

There is almost a universal parental ban on minors making online purchases (95.2%). Only 43.1% of parents have created a user profile for the child to use. Only one in four parents thought it possible that their children had accessed sexual content, whilst 10.8% confirmed that they knew this to be the case.

Security incidents
The percentage of devices that contain malware has increased compared with the previous reading, which breaks the overall downward trend. This increase of malware incidents is also reflected in the survey results According to users, the receipt of spam is similar to the previous four-month period and continues to be the most common form of security incident.

Main results

Consequences of security incidents and users' reactions

The majority of people consider themselves capable of resolving security incidents (41.8%). Some 46.5% say they have never suffered any data loss and only 10.7% have been forced to reformat or reinstall the operating system in the last three months. Changing password is the most common change made after suffering a security incident (32.5%), especially after suffering from identity theft (42.4%).

E-trust in Spanish households

The Internet generates some or a lot of trust in 55% of users, while only 7.8% has little or no trust in the Internet. A third of users think that security would limit their use of new online services, a similar percentage to those who say that using the Internet means taking certain risks. More than 80% of Internet users think that the Government should be more involved in the security of the Internet, mainly ensuring the development of free tools.
7

Security measures and habits Security measures and habits

Evolution of the declared use of automatable security measures

100% 90% 80%

94.4% 90.7% 77.5% 76.6% 67.7% 62.3% 56.9% 47.5% 52.1% 49.1% 43.5% 32.0%

70% 65.3% 60% 61.5% 50%

49.9% 49.0% 40% 45.8%

30% 20% 10%

7.9%

0% Dec/Jan 07 Antivirus programs Firewalls Pop-up blocking systems Anti-spy programs Parental control programs Antivirus updates Anti-spam -systems Browser security plugins Anti-advertising systems

Jan/Apr 12

Data relating to content filters (parental control for minors) is shown under the subsample of users with young children who connect to the Internet (23.8%).

Security measures and habits Security measures and habits

Evolution of the declared use of non-automatable security measures

100% 90% 80% 70% 60% 55.2% 50% 40% 30% 20% 10% 0%
6.9% Dec/Jan 07 Passwords Back-up copies Staying up to date about IT security User profiles with restricted access Use of electronic National Identification Document (DNI) Jan/Apr 12 Removing temporary files and cookies Copy of recovery disk Specific hard drive partitioning Other forms of digital certification Document encryption 27.3% 18.6% 44.9% 28.5% 50.4% 35.2% 22.5% 21.7% 77.5% 71.3% 58.5% 49.0% 48.1% 38.6% 36.4% 27.8% 20.7% 15.3%

Security measures
Reasons for not using automatable security measures (%)
Reasons Slows down use Do not need Do not trust Ineffective Not aware Others 11.7 14.8 11.6 15.8 10.2 8.4 9.0 7.9 10.8 12.4
10

Antivirus programs Antivirus updates Firewalls Operating system updates Anti-spam programs or configuration Pop-up blocking programs or configuration Browser security plugins Anti-spy programs Advertising blocking programs or configuration Content filter programs or configuration

9.3% 14.6% 23.4% 27.5% 32.3% 37.7% 47.9% 50.9% 56.5% 68.0%

3.6 15.1 33.5 2.6 29.3 34.6 35.4 30.7 32.1 11.4

31.8 21.0 26.2 27.3 31.7 27.5 29.1 29.5 31.4 53.2

21.6 25.7 8.1 9.6 8.6 7.6 7.3 10.3 7.2 8.6

Price

Measures

households where currently not used

18.9 13.8 16.4 19.4 13.8 15.5 12.3 13.3 12.5 8.9

4.6 5.2 1.8 4.4 3.5 3.8 4.6 5.9 3.9 3.0

7.8 3.3 2.3 2.8 2.9 2.6 2.3 2.3 2.2 2.5

Security measures
Reasons for not using non-automatable security measures (%)
Reasons Slows down use Do not need Do not trust Ineffective Not aware Others 10.0 28.3 27.1 26.9 29.4 19.1 11.8 18.7 26.9 13.3
11

Passwords (devices and documents) Removing temporary files and cookies Back-up copies of files Disk copies to recover the system Searching for computer security information Hard disk partitioning Regular use with restricted permissions Electronic signature digital certificates Electronic National Identification Document (DNI) Document or data encryption

22.5% 28.7% 41.5% 51.0% 51.9% 61.4% 63.6% 72.2% 79.3% 84.7%

4.9 21.5 17.9 8.4 17.9 24.4 16.4 18.4 6.8 26.5

71.1 34.7 41.9 41.1 37.7 43.0 57.1 47.8 48.4 48.1

2.1 3.9 2.4 4.5 2.9 2.5 2.6 2.8 4.2 1.6

Price

Measures

households where currently not used

6.7 7.5 6.3 4.4 5.1 5.8 7.5 3.1 3.8 4.3

2.7 2.6 3.0 3.5 5.6 2.9 2.9 7.4 8.4 4.3

2.5 1.5 1.3 1.3 1.4 2.4 1.5 1.7 1.4 1.9

Security behaviour habits

Evolution of security behaviour habits

62.6% I analyse all the files I download I always download and open files attached in an email (disagree) I never disclose confidential information in chats or instant messaging When I carry out transactions I check that I am using a secure connection I always type in the web address of my bank or online shop I use an antivirus to analyse all files downloaded from P2P networks My profile/information may be seen by anyone using the social network 0% May/Aug 11 Sept/Dec 11 10.5% 8.0% 20% 40% 60% Jan/Apr 12
12

74.2% 74.9% 81.3% 89.2% 90.9% 72.7% 77.7% 54.2% 68.9% 57.6% 65.2%

80%

100%

Security measures and incidents in households with minors

Evolution of security habits in relation to minors

I am concerned about the news relating to security for minors that is reported in the press I pay as much attention to their cyber friendships as I do with their real life friendships I warn my child about the dangers of giving out personal details about himself or about people close to him I have asked him to let me know of any behaviour or contact that makes him feel uncomfortable or suspicious I have created a user account with restricted access for minors to use the Internet I supervise the content he has accessed after each session (browsing history) 0% May/Aug 11 20% 40% 60% Jan/Apr 12 40.2% 43.1% 67.5% 71.1% 80% 75.0%

85.8% 89.0%

77.7% 86.1% 91.9% 82.9% 88.7%

100%

Sept/Dec 11

13

Security measures and incidents in households with minors

Main security incidents known to parents in relation to minors

Access to content relating to anorexia or bulimia

10.8%

Dealings with adults passing themselves off as children

7.7%

That were the victims of fraud or scams

7.3%

Arranged one-to-one meetings with adults or strangers

6.1%

Were the subject of sexual harassment

5.6%

Whose child copied and spread inappropriate images of others 0%

5.1% 10% 20% 30% 40% 50%

14

Security incidents
Evolution of devices containing malware, perception compared with detection

100% 90% 80% 70% 60% 48.5% 50% 40% 30% 20% 10% 0%
May 11 Jun 11 Jul 11 Aug 11 Sep 11 Oct 11 Nov 11 Dec 11 Jan 12 Feb 12 Mar 12

iScan

44.4%

46.1%

45.8%

48.0%

47.8%

51.9% 46.4% 45.2% 46.7%

48.0%

48.9%

27.3%

27.3%

31.3%

Apr 12

Perception (survey)

Reality (iScan)

15

Security incidents Security incidents

Evolution of devices containing malware

iScan
100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0%

07 an J

07 ec D

08 ec D

9 c0 De

10 ec D

2 1 r 1 c1 Ap De

Linear (Evolution trend in malware)

16

Security incidents
6.000

Security incidents
4924 4162 4132 3329 3415 2476 3565 2909 2287 1987 2391 1910 1712 2630 2247 1633 1869 2295 2527 2724 3982

5.000 3786

iScan

4.000

3.000

2.000 1126 942 1.000

Total number of malicious files and unique malware variants

0 May 11 Jun 11 Jul 11 Aug 11 Sep 11 Oct 11 Nov 11 Dec 11 Jan 12 Feb 12 Mar 12 Apr 12 Number of malicious files
2500 2186 2000

Unique malware variants

iScan

1500

N of detections for each unique malware variant, Apr 12

1000

500 285 107 0 1 detection 2 detections 3 detections 4 detections 5 detections 6 detections +6 detections 17 57 26 18 45

Security incidents Security incidents

Evolution of the risk level of all devices

100% 90% 80% 70% 60% 50% 39.0% 40% 30% 20% 8.8% 10% 0% May 11 Jun 11 No risk Jul 11 Aug 11 Sep 11 Low risk Oct 11 Nov 11 Dec 11 Jan 12 Feb 12 Mar 12 High risk 0.6% 8.6% 2.4% 9.4% 2.4% 10.2% 2.2% 6.8% 2.4% 6.4% 2.6% 5.3% 2.2% 5.9% 2.2% 6.0% 3.5% 5.4% 3.5% 5.2% 4.1% 33.3% 34.2% 33.4% 38.6% 38.5% 38.7% 36.9% 51.6% 55.7% 54.0% 54.3% 52.2% 52.4% 53.9% 54.9% 48.4% 42.0% 37.6% 53.4% 52.2% 38.4%

iScan

51.3% 38.3%

5.6% 4.8%

Apr 12

Medium risk

18

Consequences and reactions to incidents

Reactions following a security incident

Change passwords Update security tools already installed Begin to make back-up copies Change security tools Stop downloading files from P2P networks, Torrents, Install a security tool for the first time Stop using unauthorised software Stop buying online Stop using Internet services (email, etc.) Stop using online banking services Others No change

32.5% 26.3% 14.9% 10.6% 9.3% 8.0% 7.0% 5.4% 4.8% 3.5% 2.2% 40.5% 0% 10% 20% 30% 40% 50%

19

Consequences and reactions to incidents

Method of resolving security incidents

100% 9.4% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% May-Aug 11 I can resolve it myself I ask a friend or relative to help me resolve it Sep-Dec 11 Jan-Apr 12 I can resolve it with guidance from an expert I take the device to a specialist service
20

11.0%

10.6%

29.8%

31.1%

30.9%

14.6%

16.3%

16.7%

46.3%

41.5%

41.8%

E-trust in Spanish households

Overall, how much do you trust the Internet? 100% 8.8% 90% 80% 8.0%

7.8%

70%
60% 50% 40% 30% 20% 10% 0%

38.6%

39.9%

37.2%

52.6%

52.1%

55.0%

May -Aug 11 Some or a lot of trust

Sept/Dec 11 Enough trust

Jan -Apr 12 A little or no trust

21

E-trust in Spanish households

Perception of the number of security incidents compared to 3 months ago

100% 10.6% 90% 80% 70% 60% 50% 40% 30% 50.7% 20% 10% 0% May-Aug 11 There are less than 3 months ago Sep-Dec 11 The same as 3 months ago Jan -Apr 12 There are more than 3 months ago
22

11.4%

10.8%

38.7%

39.8%

41.3%

48.9%

47.9%

E-trust in Spanish households

Perception of the seriousness of security incidents compared to 3 months ago

100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0%

6.4%

6.5%

7.0%

45.1%

43.5%

44.2%

48.5%

50.0%

48.8%

May-Aug 11 Less severe than 3 months ago More severe than 3 months ago

Sep-Dec 11

Jan -Apr 12 As severe as 3 months ago

23

E-trust in Spanish households

Measures demanded from government

To develop and offer free security tools Supervise more closely what is happening on the Internet Update and reform legislation covering new Internet offences Conduct information and awareness campaigns regarding the risks and how to avoid them Greater coordination when solving security issues 18.3% 13.1% 11.3% 9.0% 7.4% 6.3% 4.7% Others 0% 0.2% 5% 10% 15% 20% 25%

29.7%

Supervise appropriate use of personal data on the Internet Provide help/technical support for problems relating to IT security for citizens Offer courses and educational workshops about Internet services and security

30%

24

Final conclusions

The specific increase in the detection of malware during January and the subsequent modest increase could be due to what is known as police malware. This event is related to the increase in the perception of users of a greater number of malware incidents. Users continue to trust traditional protection methods, but distrust some aspects of those that the latest malware uses. Although Spanish internet users recognise that there are certain risks when using the Internet (44.8%) and understand that it is the user that bears the majority of the responsibility for security (46.7%), there is still a tendency to cling to an old security system. This police malware shows that not only banking trojans or adware are able to find direct ways of profiting through malware, but that there is also a significant profiteering niche from hijacking a system. In spite of the seriousness and extent of this incident, the e-Trust of Spanish users has not been significantly impacted.

25

http://www.inteco.es http://observatorio.inteco.es