Malware Infection Rates Are Almost 70% in Some Countries; Malware Blocking by Browsers Range from 6% to 99%
CARLSBAD, Calif., August 15, 2011 – NSS Labs, Inc., the leading independent security testing organization, today announced the release of its latest Web Browser Security Comparative Test Reports against Socially-Engineered Malware for the third quarter of 2011. Two tests were carried out; one global test and one Asia-Pacific specific test. These reports examine the ability of five different web browsers to protect users from socially-engineered malware.
Socially engineered malware (SEM) remains the most common security threat facing Internet users today, claiming one third of internet users as victims. These attacks pose a significant risk to individuals and organizations by threatening to compromise, damage, or acquire sensitive personal and corporate information. European and American users have found themselves particular targets of malware authors over the last 12 months. North America has consistently been the primary host of malicious URLs, while users in Asia have been victims of the greatest number of malicious URLs.
Cybercriminals are taking advantage of the implied trust relationships inherent in social networking sites (Facebook®, MySpace™, Badoo, StudiVZ, Skyrock, LinkedIn®, renren, Kaixin001 (a.k.a. Happy Net), 51, Multiply, Cyworld, Orkut, Mixi, etc.) and user-contributed content (blogs, Twitter™, etc.) which allow for rapid publishing and anonymity. Furthermore, the speed at which these threats are “rotated” to new locations poses a significant challenge to security vendors.
Browsers tested in the report include:
- Apple® Safari® 5
- Google Chrome™ 12
- Windows® Internet Explorer® 9 (IE9)
- Mozilla® Firefox® 4
- Opera™ 11
Key findings from the reports show:
- Browsers can offer an additional layer of protection beyond antivirus.
- Results varied from Q3 2010 test, with IE9, Chrome, and Opera showing improvement, while Firefox and Safari decreased in protection.
- Microsoft’s IE9 achieved over 99% in protection results with the new Application Reputation feature.
The use of free browser-based reputation systems to assist in the fight against socially-engineered malware is a strong use of cloud technologies. However, in these tests of socially-engineered malware, we found that not all vendor implementations and daily operations yield the same results. It became obvious from these recent tests, in comparison to NSS Labs’ earlier global tests, that Microsoft continues to improve their IE malware protection in IE9 through its SmartScreen® Filter technology and with the addition of SmartScreen Application Reputation technology. With a unique URL blocking score of 99.9% and over-time protection rating of 99.2%, Internet Explorer 9 was by far the best at protecting against socially-engineered malware. Copies of the Web Browser Security Comparative Test Report against Socially-Engineered Malware (including Global, Asia-Pacific, and European reports) are available for no charge at www.nsslabs.com/browser-security.
About NSS Labs, Inc.
NSS Labs, Inc. is the leading independent, information security research and testing organization. Its expert analyses provide information technology professionals with the unbiased data they need to select and maintain complex security products for their organizations. Pioneering intrusion detection and prevention system testing with the publication of the first such test criteria in 1999, NSS Labs evaluates firewall, unified threat management, anti-malware, encryption, web application firewall, and other technologies on a regular basis. The firm’s real-world test methodology is the only one to assess security products against live Internet threats. NSS Labs tests are considered the most aggressive in the industry. Founded in 1991, the company has offices in Carlsbad, California and Austin, Texas. For more information, visit www.nsslabs.com.