Executive Summary of the Study on Information

Security and e-Confidence in Spanish

Households
3rd quarter of 2010 (14th wave)

INFORMATION SECURITY OBSERVATORY

Objectives and methodology

OBJECTIVES OF THE STUDY STUDY METHODOLOGY

9 To compare users' perception of Online panel

security with the real situation
of computers.
OPINION REMOTE
9 To analyse the evolution over AUDITING iScan
time of security and
e-confidence indicators.
Quarterly Monthly
9 To guide public initiatives and surveys of scans of
policies towards improving users computers
security and generating a
climate of trust towards the 9 n = 3,538 (3rd Quarter 2010) 9 8,836 computers (3rd Quarter 2010)
Information Society 9 n= 46,786 (from Dec 2006) 9 172,325 computers (from Dec 2006)
9 13 data collections 9 46 data collections

Perception vs. Reality

(Evolutive readings)

2
Technical specifications

Sample population
Spanish Internet users over 15 years of age with frequent
access to the Internet from home.
Sample
3,538 users
8,836 remote analyses
Sample distribution
Multistage sampling with stratification by Autonomous
Region and size quotas by household, age, gender, work
activity and home size.
Information collection
Online interviews
Online analysis of computers
Fieldwork
July to September 2010
Sampling error
In accordance with the criteria of simple random sampling
for dichotomous variables in which p=q=0.5 and for a
confidence level of 95.5%, the sampling error for n=3,538
is ±1.68%.

3
Contents

™ Main results
™ Security measures and habits
™ Security incidents
™ Users' reaction to security
incidents and their consequences
™ e-Confidence in Spanish
households
™ System of information security
indicators

http://observatorio.inteco.es
4
Main results

Security measures and habits

¾ Automatable measures occupy the first places in the table of the declared use of security
measures: antivirus programmes (92.5%), firewalls (81.3%) and operating system updates
(80.7%). These positions are the same as in previous quarters.
¾ Users of social networking sites are becoming increasingly careful with their privacy:
66.2% declare that their profiles can only be seen by friends or contacts.
¾ 47.8% of parents state that they have created a limited user account for their children to
go online. This information is very positive as it reduces the impact possible dangerous
behaviour by the minor may have on the computer.
Security incidents
¾ The most common security incident in the past three months as declared by Internet
users is receiving unwanted e-mails or spam (66.9%). According to the INTECO network
of sensors, the real figure rises to 77.4%.
¾ 53.6% of the computers analysed with the iScan programme are infected with malware.
Trojans, at 38.7%, and adware, at 27.1%, are the types of malicious code most commonly
present on users' computers, followed by tools (23.8%).

5
Main results

Users' reaction to security incidents and their consequences

¾ 60.6% of users have made no changes to their Internet browsing habits as a result of an
incident they have experienced, compared to 39.4% that did adopt some precautionary
measures.
¾ Users state that they are acting to a greater degree on security programmes (55%),
followed by changing passwords (45.9%).
¾ Almost two out of every three users resolve security problems independently: 44.6% with
no-one's help and 19% with the help of an expert.
e-Confidence in Spanish households
¾ The majority of Spanish Internet users trust the Internet (89.9%) during the third quarter of
2010 and believe that their computer is reasonably well protected (81.5%).
¾ Users continue to show more trust in carrying out banking transactions in a branch
(72.9%) than via the Internet (50.8%).
¾ Lastly, 79.3% of panellists would like the Government to be more involved in guaranteeing
Internet security.

6
 Security measures and habits
Security measures and habits
Evolution of the declared use of automatable security measures (%)

100% 94.4% 92.5%

90%
81.3%
80% 80.7%
65.3% 72.5%
70%
68.9%
60% 61.5% 63.9%
49.9%
50%
41.4%
40% 45.8% 37.1%
37.4%
30% 32.9%
20%

10%

0%

Antivirus programs OS and program updates Firewalls

Pop-up window blocking program Anti-spam programs Anti-spy programs
Anti-fraud programs Parental control programs

The data referring to content filter programs (parental control for minors) is presented for the sub-sample of Internet-connected users with young children (20.1%). 7
Security measures and habits
Security measures and habits
Evolution of the declared use of non-automatable security measures (%)

100%
90%
79.3%
80%
79.2%
70%
61.7%
60% 55.2% 60.3%
50% 44.9% 46.8%
45.9%
40% 35.2% 37.7%
28.5% 30.7%
30%
18.6% 22.5% 21.7%
20% 21.7%
21.1%
10% 6.9%

0%

Removing temporary files and cookies Passwords (computers and documents)

Back-up files Makes copies of system recovery disks
Hard disk partitioning Searching for computer security information
Regular use with restricted permissions Electronic ID
Electronic signature digital certificates Encryption of documents or data

8
 Security measures and habits
Security measures and habits
Stated intention to use automatable and non-automatable security measures in the next 3
months (data from 2010Q1) (%)

3.7%
Antivirus programs 92.5% 3.8%
OS and program updates 80.7% 11.2% 8,1%
Firewalls 81,3% 7.5% 11,3%
Removing temporary files and cookies 79,2% 14.4% 6,5%
Passwords (computers and documents) 79,3% 5.4% 15,3%
Pop-up window blocking program 72,5% 11.9% 15,7%
Anti-spam programs 68,9% 11.5% 19,6%
Anti-spy programs 63,9% 13.7% 22,4%
Makes copies of system recovery disks 60,3% 17.3% 22,5%
Back-up files 61,7% 23.4% 14,9%
Hard disk partitioning 46,8% 17.4% 35,7%
Searching for computer security … 45,9% 24.3% 29,8%
Parental control programs 41,4% 19.5% 39,0%
Anti-fraud programs 37,4% 21.9% 40,7%
Regular use with restricted permissions 37,7% 13.1% 49,3%
Electronic signature digital certificates 30,7% 20.5% 48,8%
Electronic ID 21,7% 33.0% 45,3%
Encryption of documents or data 21,1% 21.9% 57,0%

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Currently In the next 3 months I will probably not use them

The data referring to content filter programs (parental control for minors) is presented for the sub-sample of Internet-connected users with young children (20.1%). 9
 Security measures and habits
Security measures and habits Reasons for non-use
% of

Do not need

Do not trust

Ineffective
Not aware
homes not

Hinder

Others
Price
Measures intending
to use
them

Antivirus programs 3.7% 3.1 26.7 16.1 22.2 0.0 10.7 21.2
Removing temporary files and cookies 6.5% 40.7 10.6 3.6 13.6 0.0 12.0 19.6
OS and program updates 8.1% 23.9 5.1 16.7 21.2 2.1 8.9 22.1
Firewalls 11.3% 31.2 12.1 12.8 21.5 1.0 7.1 14.3
Passwords (hardware and documents) 15.3% 7.0 57.9 0.6 8.8 0.2 7.8 17.7
Back-up copies of files 14.9% 26.5 26.9 4.8 8.7 0.2 8.3 24.6
Pop-up window blocking programs 15.7% 32.0 12.3 10.5 22.0 0.5 7.5 15.3
Anti-spam programs 19.6% 20.5 20.5 9.4 17.8 1.4 14.4 16.0
Anti-spy programs 22.4% 32.8 15.7 11.6 15.6 1.3 9.2 13.9
Making copies of system recovery disks 22.5% 30.6 15.2 5.2 7.2 0.6 6.7 34.5
Searching for computer security information 29.8% 23.2 23.5 4.6 6.0 1.6 8.1 32.9
Hard disk partitioning 35.7% 41.0 14.7 2.1 10.1 0.6 6.6 24.9
Parental control programs 39.0% 10.7 44.9 3.6 17.6 0.6 8.8 13.8
Anti-fraud programs 40.7% 40.6 17.5 10.5 9.8 1.5 8.6 11.5
Electronic ID 45.3% 15.2 21.6 4.4 2.7 5.5 6.2 44.5
Regular use with restricted permissions 49.3% 22.5 40.4 1.7 12.1 0.2 4.2 18.7
Electronic signature digital certificates 48.8% 42.8 16.1 3.4 3.0 2.1 6.2 26.3
Document or data encryption 57.0% 40.9 22.7 2.4 6.6 0.7 4.8 21.9

To facilitate reading the chart, the percentage corresponding to the most frequently cited reason for each of the tools is shown in red.
The data referring to content filter programs (parental control for minors) is presented for the sub-sample of Internet-connected users with young children (20.1%). 10
Security incidents
Security incidents
Evolution of equipment storing malware (%)

iScan
100%
84.9%
90% 79.6% 84.0% 85.6%
76.2% 82.8%
79.4%
80% 76.0%
79.3% 76.3%
78.2% 76.5% 65.3% 65.9%
70%
59.1% 54.2%
60% 54.0%
62.7% 61.5% 56.2%
50% 57.1% 52.8% 53.6%
40%

30%

20%

10%

0%

Lineal (Malware Evolution Trending)

11
Security incidents

Evolution of malware incidents by category (% of all scanned computers)

100%
iScan
90%

80%

70%

60%

50%

40%

30%

20%

10%

0%

Adware Spyware Worms Tool Heuristics Others Trojans Viruses

12
 Security incidents
Security incidents
Total number of malicious files and unique malware variants
25000
iScan
20000 17,967
18,415
15,949
15000 13,609
12,414
10,587
10000
7,839
7,042
6,943
5000 6,774 6,930 5,952
5,428
4,574
3,451 3,334
0

Number of malicious files Unique malware variants No. detections of each unique malware variant, September 2010

3000
2,462 iScan
2500

2000

1500

1000
438
500
159 74 54 35
0
1 detection 2 3 4 5 6
detections detections detections detections detections
13
Security incidents
Security incidents
Evolution of risk level for all computers (%)

100%
iScan
90%

80% 71.6%

70%
61.4%
60%
49.1%
50% 47.1%
44.8% 43.5%
41.2%
38.0% 39.0% 38.3% 38.1%
40% 34.9% 36.4%

30%

20% 13.5% 13.6%

10.9% 12.3% 12.5% 12.3% 13.3% 12.4%
11.3% 11.2% 11.4% 10.4% 10.3%
10%
6.7% 5.9% 5.4% 5.8% 5.5% 5.4% 5.3% 5.2%
3.6% 4.5% 4.5% 4.6%
2.4%
0%

Low risk Medium risk High risk

14
Consequences and reaction to incidents

Type of action* taken after suffering a security incident by users who change their security habits and measures (%)

55.0%
I have updated my security programs
47.8%
45.9%
I have changed my passwords
46.4%
24.0%
I have started making backup copies
25.4%
22.1%
I have changed security programs
23.3%
9.0%
I have installed a security tool for the 1st time
8.9%
7.9%
I have stopped shopping online
7.1%
6.7%
I have stopped using online banking
5.0%
6.3%
I have stopped using Internet services
5.1%
13.0%
I have stopped downloading files
11.3%
1.5%
Others
2.3%

0% 20% 40% 60% 80% 100%

2010Q3 2010Q2 2010Q1 2009Q4

* Multiple response

15
Consequences and reaction to incidents

Evolution of security incident resolution formula (%)

100%

90%

80%

70%

60%

50% 44.6%
38.1%
40%

30% 24.9% 25.3%

22.9%
19.0%
20% 14.1%
11.1%
10%

0%
I know where to get the I can resolve my computer security I ask a relative or friend for help to I take my computer to technical
information I need to find out what issues myself with guidance from resolve them support
is wrong and resolve it myself someone more expert in the
subject

2009Q3 2009Q4 2010Q1 2010Q2 2010Q3

16
e-Confidence in Spanish households

Perception of the number of security incidents compared to 3 months ago (%)

100%

90%

80% 37.9% 41.1%

40.2% 42.5% 41.9% 44.3% 42.0% 42.3%
46.1%
70%

60%

50%

40%
49.6% 49.2% 45.4% 47.2% 48.7% 46.6% 47.5%
30% 48.0% 44.3%

20%

10%
12.5% 10.6% 12.1% 10.9% 10.1% 11.4% 10.2%
7.8% 9.6%
0%
2008Q1 2008Q2 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3
There are more than 3 months ago The same as 3 months ago
Less than 3 months ago or they have disappeared

17
e-Confidence in Spanish households

Perception of the severity of security incidents compared to 3 months ago (%)

100%

90%
30.7% 34.3%
80% 41.1% 41.3% 38.9% 41.9% 42.3%
44.3% 44.8%
70%

60%

50%

40% 59.8%
57.6%
49.7% 51.6% 54.4% 50.5% 50.0%
30% 48.0% 47.4%

20%

10%
9.5% 8.1% 9.2% 7.1% 6.7% 7.8% 7.8% 7.6% 7.7%
0%
2008Q1 2008Q2 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3

More severe than 3 months ago As severe as 3 months ago Less severe than 3 months ago

18
e-Confidence in Spanish households

Measures demanded from Government

Priority
Nature of the measure Measure
measure
Supervise more closely what is happening on the Internet 28%
Surveillance
Supervise appropriate use of personal data on the Internet 7.3%
Provide response/technical support to security problems on
6.3%
Technical response citizens' computers
Develop and offer free security tools 26.4%
Carry out information and awareness raising campaigns on the
6.5%
risks and how to prevent them
Raising awareness
Provide training courses and workshops on Internet services
3.4%
and security
Greater co-ordination (legislation, persecution, information)
between administrative bodies involved (police forces, judges, 9.8%
Institutional and legislative
etc.) in solving security problems
response
Legislative update and reform for the new Internet offences 12.0%
TOTAL 99.7

19
 System of information security indicators
Security Indicators System
INTECO Security Indicators System (Households)

100
90
80 76.6
72.5
67.4 68.6 66.3 69.5
70 65.8

60 55.7
47.9
50
40.3
40
30
20.4
20
8.6
10
0
Tools and Security e-Confidence Malware Computers at Computers with
security behaviour and indicator incidents high risk high
measures habits indicator indicator indicator dissemination
indicator potential
indicator

PROTECTION INDICATORS
INCIDENT/RISK INDICATORS

2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3

20
Final conclusions

9 Spanish households continue to show good standards of security tools and habits.
However, users are less likely to take measures that require continuous and
systematic work by the user, such as creating backup copies of files and searching
for information.
9 Greater adoption of security behaviours and habits leads to a good level of overall
security. For example, users of social networking sites are increasingly careful with
their privacy, limiting their profiles to their closest contacts.
9 Malware incidents continue their downward trend, although there is a gap between
what users perceive and the real impact. In the case of junk mail, the INTECO
network of sensors has noted the reduction caused by the disappearance of
spamit.com, a system that operated illegally in association with spammers.
9 Computers' level of risk has fallen steadily throughout 2010, especially in relation to
medium risk.
9 The measures most frequently demanded of Government continue to be vigilance
and the development of free security tools.

21
 http://www.inteco.es

http://observatorio.inteco.es

Follow us on: Do you want to send us a comment?

observatorio@inteco.es