Is the threat of 'cyber attack' as great as Theresa May thinks?
18 October, 2010 - 17:17 -- Full Fact team
The Home Secretary this morning defended the inclusion of cyber crime on a list of national security priorities by describing the scale of the problem faced by the UK. But did the number of viruses in circulation really double last year?
Ahead of tomorrow’s much-anticipated Strategic Defence Review, the Government today announced its National Security Strategy, which prioritised four ‘tier one’ risks faced by the country.
Alongside terrorism, natural disasters and military conflict stood a more surprising inclusion in this list: the threat that the UK may be a target of a ‘cyber attack’.
The claim:
This morning Home Secretary Theresa May told the Today programme’s John Humphrys that technological crime deserved to be at the forefront of the Government’s security strategy, and the extra funding consequently prescribed for it.
She said: “We have identified [cyber crime] as a new and growing threat to the UK. Over 50 per cent, just about 51 per cent, of the malicious software threats that have ever been identified, were identified in 2009.”
Whilst few would doubt the speed of the internet’s growth, Full Fact was curious to know where this 51 per cent figure came from, and whether or not it gave an accurate portrayal of the size of the threat posed by malicious software.
Analysis:
We contacted the Home Office regarding the stat, and they directed us towards a report conducted by computer security firm Symantec.
This year’s study found that “Symantec created 2,895,802 new malicious code signatures in 2009, a 71 per cent increase over 2008; the 2009 figure represents 51 per cent of all malicious code signatures ever created by Symantec.”
Whilst there is therefore solid research behind the Home Secretary’s assertion, it is worth noting that Symantec’s definition is subtly different to Ms May’s.
This is because it records the number of signatures assigned to new malware reported, and not necessarily the exact number of viruses, worms or Trojans in circulation.
Signature-based detection, which uses the signatures mentioned in Symantec’s report to catalogue and combat malicious software, is only one method used by antivirus firms to tackle malware, and therefore does not necessarily represent an exhaustive list of the sort of software described by Ms May.
Furthermore as cKnow.com has pointed out, the recent explosion in the volume of registered malware does not necessarily correspond to a growth in the number of people attempting attacks, as increasingly the software is programmed to mutate on the infected computer before it is passed on to others, where it mutates again.
These ‘polymorphic’ viruses each register as separate signatures with Symantec, even though they originate from one piece of code.
Indeed there is some doubt over the strength of the “growth” in this area perceived by the Home Secretary.
Whilst the fact that over half of the recorded malicious code signatures in existence originated within the last year sounds impressive, it is worth noting that this actually represents a slowing of growth, as in 2008 per cent of the signatures on record originated within that calendar year, and over three quarters did the same in 2007.
Conclusion:
So whilst Theresa May is not wrong to point to a growing number of malware iterations recorded by internet security firms such as Symantec, the nature of this growth is more questionable, as is its relationship with any national security threat that might be faced by the UK.
Comment is free but facts are expensive!
Full Fact believes in the possibility of accurate and informed debate. Our factchecks look at whether it is reasonable for interested citizens to trust the claims of politicians and journalists based upon the evidence that is available to us. Where we find mistakes, we ask for them to be corrected.
Corrections:
We aim for our factchecks to be as accurate and up-to-date as possible. If you think we have made an error or missed some relevant information, please email: corrections@fullfact.org