Microsoft Security Intelligence Report volume 14 on the Road: Japan

I was in Tokyo a couple of weeks back, talking to people about the latest Microsoft Security Intelligence Report.  According to the report, Japan continues to have one of the lowest malware infection rates in the world, as seen in Figure 1.  The Microsoft Malicious Software Removal Tool (MSRT) found just 0.7 systems infected with malware for every 1,000 systems scanned in the fourth quarter of 2012.  The worldwide average was 6.0 during the same period.

Figure 1 (left): Locations with relatively low malware infection rates, third quarter of 2011 (3Q11) to fourth quarter of 2012 (4Q12); Figure 2 (right): Infection rates for protected and unprotected computers in three locations with low CCM

As reflected in Figure 2, systems that run up-to-date real-time antimalware software, even in the least malware infected locations in the world, have lower malware infection rates than systems that don’t.  The malware infection rate for systems in Japan without up-to-date real-time anti-virus software installed (1.56) was more than ten times higher than that of systems with up-to-date real-time anti-virus software installed (0.15).

Japan has been able to maintain relatively low malware infection rates for many years.  I often get asked by the customers and governments I talk to, what Japan’s secret is.  I wrote an article on this in the past called, Japan – Lessons from Some of the Least Malware Infected Countries in the World – Part 5, which includes additional context from security professionals that live and work in Japan.

While I was in Japan I had the opportunity to ask a few security professionals there how Japan maintains such low malware infection rates, including Takashi Manabe and Osamu Sasaki from the Japan Computer Response Team Coordination Center (JPCERTCC). I also had a good conversation with Microsoft Japan’s Chief Security Advisor, Masakazu Takahashi.

As I have written before, consistently low regional malware infection rates are likely a result of several factors including non-technical socio-economic factors.  We have seen that factors like the ones in Figure 3 have been correlated to regional malware infection rates.  Certainly strong partnerships between government and industry are key. 

Figure 3: Some of the socio-economic factors examined in the new study, with values for Japan from the second quarter of 2011

Tim Rains
Trustworthy Computing

About the Author
Tim Rains

Chief Security Advisor, Microsoft Worldwide Cybersecurity & Data Protection

Tim Rains is Chief Security Advisor of Microsoft’s Worldwide Cybersecurity & Data Protection group where he helps Microsoft’s enterprise customers with cybersecurity strategy and planning. Formerly, Tim was Director Cybersecurity & Cloud Strategy in Trustworthy Computing at Microsoft, where he Read more »