Saudi Arabia tops the list of countries in the Gulf region (GCC) in terms of the number of infected PCs. This was the conclusion reached by Kaspersky Lab experts after analyzing data on malicious activity in the region during the third quarter of 2011
Saudi Arabia tops the list of countries in the Gulf region (GCC) in terms of the number of infected PCs. This was the conclusion reached by Kaspersky Lab experts after analyzing data on malicious activity in the region during the third quarter of 2011. The data was received from consenting participants in the Kaspersky Security Network (KSN)*, a network that brings together millions of Kaspersky Lab users worldwide to detect and pass on information about malicious activity.
The GCC region has experienced rapid development over the last few years, with the number of Internet users growing and expansion of the local sector of the World Wide Web.
“We have analyzed the figures for the third quarter of 2011 and found that the largest number of infections and attempts to compromise users’ computers were registered in Saudi Arabia and the United Arab Emirates,” says Vayacheslav Zakorzhevsky, Senior Malware Analyst at Kaspersky Lab.
pic A breakdown of GCC countries according to number of infection attempts
Kaspersky Lab experts point out that this distribution is primarily down to the size of population in these countries: more people mean more infections.
Malware that spreads via removable media and local networks dominates in the GCC countries. This is in contrast to Europe and the US where the majority of malicious programs emanate from the Internet and where adware tops their respective ratings.
“We think this is due to several factors. First of all, it is down to language-related peculiarities which considerably reduce the effect of spam and adverts in English. Translation into Arabic means additional costs which the cybercriminals appear unwilling to pay,” Vayacheslav Zakorzhevsky explains.
The experts at Kaspersky Lab also stress that content filtering is performed in Saudi Arabia (http://www.isu.net.sa) which prevents users accessing sites with inappropriate content such as drugs etc. Such measures are enforced to some extent in all the countries of the Gulf region, considerably reducing the risk of infection via the Internet.
An analysis of the operating systems in use has shown that Windows XP is still more popular among users in the GCC region than it is in Europe and the US. The list of applications addressing malicious objects is headed by Internet Explorer and Windows Explorer. “This indicates indirectly that there are a large number of potentially vulnerable computers in the region,” comments Vyacheslav Zakorzhevsky. “This conclusion is also supported by malware statistics – the malicious programs that are most widespread in the GCC region use old vulnerabilities and dated propagation methods.”
Kaspersky Lab also assessed the relationship between the number of attempted infections in each GCC country and the number of active users in that country. The resulting figure demonstrates how often computers in each country are subjected to infection attempts.
| Country | Infection attempts per active user |
| Oman | 3.4 |
| Qatar | 2.4 |
| United Arab Emirates | 2.2 |
| Kuwait | 2.2 |
| Bahrain | 2.0 |
| Saudi Arabia | 31.9 |
The number of infection attempts per active user in GCC countries
It appears that the number of infection attempts per user in Oman is somewhat greater than that in neighboring countries. “This can be accounted for by the relative underdevelopment of IT security in that country, which means users are less aware of potential threats,” says Vyacheslav Zakorzhevsky. It should be noted that these numbers are several times lower than in European countries (7 times), the US and Canada (5 times). This indicates that users in the GCC region are exposed to a smaller number of infection attempts than their counterparts in Europe and the US. Possible explanations for this phenomenon have already been outlined above.
Kaspersky Lab experts also analyzed the sites from which users have followed links to malicious objects. It appears that the bulk of these resources are made up of pornographic sites, file exchange services and pirated software sites. This corresponds to the global situation. As such, it appears that content filtering has dramatically improved web security in the region, but has yet to completely eliminate the threat posed to users by malicious sites.
*About Kaspersky Security Network
Kaspersky Security Network (KSN) automatically collects and sends information on attempted infections and all unknown suspicious files downloaded and executed on users’ computers to Kaspersky Lab. This information is gathered with the consent of the user and is completely confidential. It is then transferred to Kaspersky Lab’s centralized servers where it is analyzed.
