Seattle is the most dangerous city in the U.S. when it comes to cybercrime, Symantec said today.
The Northwest sported two of the top 10, with Portland, Ore., ranked No. 10 in the list of the nation's 50 largest metro areas. Rounding out the first five were Boston, Washington D.C., San Francisco and Raleigh, N.C. Atlanta, Minneapolis, Denver, and Austin, Texas completed the top 10.
At the bottom, as in least dangerous, were Detroit (No. 50); El Paso, Texas (No. 49); and Memphis, Tenn. (No. 48).
"I look at it like driving a car," said Dan Nadir, the director of product management for Symantec. "Your risk of an accident is going to be greater the more you drive. If you're online more, you need to be more cautious, just like the more you're on the road, the more you should wear your seatbelt, have airbags and rotate your tires."
Symantec partnered with Sperling's BestPlaces to come up with the rankings, which relied on data from the former's security response team for factors including the number of malicious attacks, infected machines and spam-spewing zombies per capita. Sperling's contributed data on the prevalence of computer ownership, Internet use and potentially-risky online activities, including online banking and online shopping. Also factored into the rankings was the number of free WiFi hotspots per capita.
"WiFi is a big concern," acknowledged Nadir, "because it's something most people don't understand, and most don't know who is behind that hotspot, or if it's even legitimate."
Each city's score was calculated by adding the point totals for each criteria, which were based on their relation to other cities' scores. A city with the highest total for each factor -- indicating the riskiest of the 50 -- was scored as 100, while the city with the lowest total was given 0.
Seattle topped the list with a total score of 188.2, beating second-place Boston and Washington D.C., which scored 176.6 and 174, respectively. Last place Detroit, meanwhile, came in with a score of 7.5.
Seattle, which counts Amazon and Microsoft among area technology companies, received the riskiest city award because it scored in the top 10 in every criteria, and took the No. 2 spots for both WiFi availability and risky behavior. By Symantec's definition, the latter includes such chores as buying goods online, banking online and simply going online multiple times each day.
Nadir was surprised by Seattle's ranking. "I would have said San Francisco," he admitted, citing that city's reputation for being an even hotter hotbed of technology than Seattle, as well as its lead in public WiFi locations. The only reason why San Francisco wasn't the most dangerous was because its cybercrimes rating -- the number of attacks, potential infections, infected bots and spamming systems -- was a relatively low No. 17.
"That's what separated it from Seattle," Nadir said.
Like any scoring system, whether for best places to live, most expensive to eat in, or in this case, most dangerous to people wielding a computer, the Symantec ranking doesn't portray the experiences of everyone who lives there, Nadir acknowledged. "The number one thing take away from this, I think, is the awareness that if you're online more, you need to be more cautious," he said.
The complete 50-city ranking can be downloaded from Symantec's Web site (download PDF). A more detailed description of the rating methodology and the scores for each city are available in 16-page report (download PDF).
Symantec also released a similar ranking for Canadian cities (download PDF), which puts Burlington, Ontario, at the top of the list and Longueuil, Quebec, at the bottom. Vancouver, British Columbia, the host of the 2010 Winter Olympics, was rated the fourth-most-dangerous city in Canada.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.