Feeds

Clueless office workers help spread computer viruses

Don't know, don't care

  • alert
  • submit to reddit

High performance access to file storage

Busy or apathetic employees are accelerating the spread of viruses and potentially costing UK businesses millions in clean-up charges, according to a survey out today.

Two-thirds of the 1,000 people quizzed by market researchers TNS in January admit they are not aware of even the most basic virus prevention measures. Meanwhile a third of those polled in the Novell-sponsored study said they are too busy to check their emails before opening them.

Depressingly, nine in ten of the workers quizzed believe that have no part to play in preventing the spread of viruses, preferring to leave responsibility to "their IT department, Microsoft or the government".

Where does Novell find these lunk heads? UK office workers, that's who.

Even allowing for the fact the survey took place in the first two weeks of January - before the ongoing MyDoom pandemic - one would think that most people would have a fair idea of what a virus-infected email might look like. Not so - two thirds of the respondents to the survey said they didn't have a clue.

Over one third of UK workers quizzed feel overwhelmed by the number of emails they get and a third claim to be too busy to check emails before opening them. One in five people surveyed said they are "too busy to download anti-virus updates".

Any sensible admin should implement procedures to automate this process, but even so it's yet another sad indictment of the limitations of the AV scanner approach.

The report reveals that workers are blasé about the possibility of aiding and abetting virus attacks on company systems. Even though 62 per cent of UK workers rate viruses as the number one security risk, over half say that they would “not be particularly bothered” if they encountered an attack and only five per cent said they would be worried if they personally had spread the virus.

UK workers are just as lax about other aspects of security, the survey found.

A third of employees quizzed write their computer passwords down to help them remember and one in ten keeps them on a Post-It note on their desk. More than half (55 per cent) of those quizzed base their passwords on people's names, making them far easier to guess.

The vast majority were unaware of the dangers of phishing whilst more than half (58 per cent) of respondents regularly forward spam to friends and colleagues without thinking.

Steve Brown, managing director of Novell UK, commented: “UK workers, who through lack of time, technology know-how or care, put their business at risk by making basic security errors. People are highly aware of the dangers posed by viruses but don’t take any personal responsibility for minimising risks.

"Unless UK businesses start to take end user education seriously, we are going to see the impact of cyber crime spiral in 2004.” ®

Related Stories

MyDoom is the worst virus ever
'The clueless users who refuse to upgrade'
The trouble with anti-virus
Viruses and hackers make Windows more secure - Gates
Users haven't learned any lessons from the Love Bug

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.