The most comprehensive study ever undertaken by the mi2g Intelligence Unit over 12 months reveals that the world’s safest and most secure 24/7 online computing environment – operating system plus applications – is proving to be the Open Source platform of BSD (Berkley Software Distribution) and the Mac OS X based on Darwin. This is good news for Apple Computer whose shares have outperformed the benchmark NASDAQ, S&P and Dow indices as well as Microsoft by over 100% in the last six months on the back of revived sales and profits. The last twelve months have witnessed the deadliest annual period in terms of malware – virus, worm and trojan – proliferation targeting Windows based machines in which over 200 countries and tens of millions of computers worldwide have been infected month-in month-out.
The latest mi2g Intelligence Unit study analyses 235,907 successful digital breaches against permanently connected – 24/7 online – computers across the globe. The nearly quarter million digital breaches carried out by hackers span twelve months from November 2003 to October 2004. Global proliferation data from over 459 malware species since the start of 2004 has also been analysed.
The sample of breached computing environments is holistic and possesses some anti-virus protection and basic security at the very least. It consists of micro entities – homes and small offices without a separate firewall unit; small entities – organisations with a turnover of below $7 million with a separate firewall unit; medium entities – organisations with a turnover between $7 million and $40 million with a separate firewall unit and basic intrusion detection; and large entities – organisations with a turnover in excess of $40 million with firewall layers, intrusion detection systems and dedicated computer security staff.
In 2004, 32.7% of all digital breaches were carried out against micro entities including home-based individuals with 24/7 online computers; 58.8% of all digital breaches were against small entities; 6.1% of all digital breaches were against medium size entities; and only 2.5% of all digital breaches were against large entities – businesses, government agencies and non-government organisations inclusive.
The study also reveals that Linux has become the most breached 24/7 online computing environment in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded, with 154,846 successfully compromised Linux 24/7 online computers of all flavours. The number of successful manual hacker attacks against Microsoft Windows based online computers has remained steady and accounts for 25.19% of all breaches recorded, with 59,419 successfully compromised Windows targets of all versions. In sharp contrast, the number of successful hacker attacks against Mac OS X or BSD based online computers has demonstrated a declining trend and accounts for just 4.82% of all breaches recorded, with 11,370 successfully compromised BSD targets of all flavours including Apple.
In a remarkable switch in top rank within the Government computing environment over the last twelve months, the most breached Operating System for online systems has now become Windows (57.74%) followed by Linux (31.76%) and then BSD and Mac OS X together (1.74%). This is in stark contrast to the situation six months ago, when Microsoft Windows was significantly lower in terms of recorded government server breaches in comparison to Linux. The number of recorded breaches against government online computers running BSD or Mac OS X worldwide remains very low.
The recent global malware epidemics have primarily targeted the Windows computing environment and have not caused any significant economic damage to environments running Open Source including Linux, BSD and Mac OS X. When taking the economic damage from malware into account over the last twelve months, including the impact of MyDoom, NetSky, SoBig, Klez and Sasser, Windows has become the most breached computing environment in the world accounting for most of the productivity losses associated with malware – virus, worm and trojan – proliferation. This is directly the result of very insignificant quantities of highly damaging mass-spreading malware being written for other computing environments like Linux, BSD and Mac OS X.
In 2004, the overall economic damage from hacker perpetrated overt, covert and DDoS digital attacks worldwide is estimated to have been between $103bn and $126bn by the mi2g Intelligence Unit. These figures exclude malware attacks through viruses, worms and trojans which account for an additional estimated damage of between $166bn and $202bn worldwide.
Economic damage is calculated by the mi2g Intelligence Unit on the basis of helpdesk support costs, overtime payments, contingency outsourcing, loss of business, bandwidth clogging, productivity erosion, management time reallocation, cost of recovery and software upgrades. When available, Intellectual Property Rights (IPR) violations as well as customer and supplier liability costs have also been included in the estimates.
“More and more smart individuals, government agencies and corporations are shifting towards Apple and BSD environments in 2004,” according to a statement released by DK Matai, Executive Chairman, mi2g. “For how long can the truth remain hidden that the great emperors of the software industry are wearing no clothes fit for the fluid environment in which computing takes place, where new threats manifest every hour of every day. There is an accelerating paradigm shift visible in 2004 and busy professionals have spotted the benefits of Apple and BSD because they don’t have the time to cope with umpteen flavours of Linux or to wait for Microsoft’s Longhorn when Windows XP has proved to be a stumbling block in some well chronicled instances.”
For the record, neither mi2g Ltd nor the mi2g Intelligence Unit have a business relationship with Apple Computer and we do not own any shares in that corporation. Previously, the mi2g data for one month was considered to be too small a sample and not representative of the global environment within which different types of entities – micro, small, medium and large – exist. We have addressed those concerns in the new study. The critics were against the previous study which also came out in favour of Apple and BSD, because the entrenched supporters of Linux and Windows felt that mi2g was guilty of ‘computing blasphemy’. In subsequent months, mi2g’s reputation was damaged on search engines and bulletin boards. We would urge caution when reading negative commentary against mi2g, which may have been clandestinely funded, aided or abetted by a vendor or a special interest group.
Related MacDailyNews article:
Security expert who called ubiquity of Microsoft software a national security risk fired – September 26, 2003
Switching to Macintosh will save your business money – February 09, 2004
Study: Apple’s Mac OS X is most secure operating system – February 20, 2004
Gartner: Worms jack up the total cost of Microsoft Windows – May 07, 2004
Study shows unpatched Windows PCs compromised in 20 minutes – August 17, 2004
AT&T Corp. evaluating Apple’s Mac OS X, Linux in face of Windows’ insecurity – October 05, 2004