About 18 percent of computers worldwide encountered a virus or malware last year, down from 19 percent the previous year, Microsoft said in a report outlining the state of cybersecurity threats.
But the rate of infections was far lower, Microsoft says. Just 0.9 percent of computers using Microsoft’s malware removal tool last year had been infected by malicious software, little changed from 2014.
People were most likely to encounter malware in North Africa, the Middle East and Southeast Asia. Computers in those regions tend to have less malware protection than the United States and Europe, Microsoft says.
The report, which Microsoft releases twice a year, is part of the company’s efforts to contribute to cybersecurity research and reassure customers worried about increasingly high-profile attacks that swiped data from companies such as Target and insurer Premera Blue Cross.
“Everyone’s paying attention to cybersecurity, and everyone understands the sense of urgency,” said Tim Rains, Microsoft’s director of security.
The impression of safety is imperative for Microsoft as the company pushes consumers and businesses to buy Web-based versions of its software.
Chief Executive Satya Nadella in November touted $1 billion in annual company spending on security initiatives, and the company inaugurated a new home for its cybersecurity initiatives on its Redmond campus.
On the policy front, Microsoft has mounted a public campaign to reassure customers on privacy.
Last week, the company published a paper revealing the discovery of a sophisticated group of hackers that since at least 2009 have primarily targeted government and business institutions in Southeast Asia.
Microsoft stopped short of identifying the group, dubbed Platinum, but said it showed signs of being well funded and targeted information that would be most useful to government bodies.
Microsoft’s latest security report touted the protection the company was able to offer its Web-based-software users. Its algorithms designed to detect and respond to threats across the millions of devices using Microsoft software could dig up patterns that might be missed by companies’ security staff or competitors with less data to work with, the company says.
Microsoft’s automated account protection systems stop about 10 million attacks a day, on services from Outlook email to Xbox Live and the company’s server tools, the company says.
When Microsoft got into the security business in the early days of the Web, the company tried to charge for such services as virus and malware prevention, and email spam filtering.
The company backtracked, offering many basic security services for free. Fewer infected computers would make the millions of other Windows machines safer, executives decided.
The company has tried to replicate that approach in the cloud, though it still does charge customers for some advanced security analytics and other offerings.
“There’s a recognition in the industry that having services that can be trusted and have security built into them is table stakes,” Rains said.
Subscribe to the Morning Review newsletter
Get the day’s top headlines delivered to your inbox every morning by subscribing to our newsletter.