As many as 23 percent of home computers are unaffected with malware, and of those, more than 70 percent had been infected in the past year, are among the alarming findings of AusCERT's first home computer user survey.
The AusCERT Home Computer Users Security Survey 2008 was released yesterday at the annual AusCERT information security conference on the Gold Coast.
The new survey, conducted by Nielsen, was conducted to help quantify the increase in the targeting of client computers and home PCs by malicious code.
AusCERT general manager Graham Ingram said the survey also showed that 35 percent of home internet users download content from peer-to-peer networks, which are notorious for providing access to pirated movies, music and software, and pose a higher risk for malware infections.
Eleven percent of respondents were notified that their computers were infected from third parties such as ISPs, banks or other professional organizations, which, according to AusCERT, indicates more serious forms of malware infection, due to the computer's IP address coming to adverse attention.
Three-quarters of respondents generally operate an administrator account, which can make them more vulnerable to more harmful forms of malware attacks.
The results may be concerning, but most respondents do take steps to secure their computer by updating their operating system (57 percent) and antivirus software (70 percent) automatically all the time, but 11 percent and 8 percent, respectively never update their OS or AV software.
AusCERT's manager for analysis and assessments, Kathryn Kerr, said: "For anyone in the business of raising awareness about security issues among home internet users, the results are very useful because it allows us to better understand what home internet users are doing well and not so well online in terms of their online behavior and find out about their attitudes to security in general."
The survey also revealed another problem - many home internet users do not have a strong grasp of the security technologies they rely on.
For example, 46 percent misunderstood what protection SSL provides and others thought that they could rely on their AV or anti-spyware software (38 percent) and firewall (44 percent) to stop hacker or malware attacks.
"The survey showed strong support (61 percent) among home internet users for ISPs to limit their access to the internet if the ISP became aware their computers had become infected with serious forms of malware," Kerr said.
Ingram said this result was both "surprising and pleasing because it means home internet users are supportive of a layered, or defense-in-depth, approach to security."