Feeds

Close encounters of the viral kind

Virus infection and clean-up costs rise - again

  • alert
  • submit to reddit

Protecting users from Firesheep and other Sidejacking attacks with SSL

Viral outbreaks became more frequent and expensive last year, according to a study by security testing outfit ICSA Labs released today.

Almost one in three (30 per cent) of 300 organisations surveyed by ICSA Labs reported a serious virus outbreak last year, compared to 15 per cent in 2002. ICSA Labs defines a serious virus outbreak (or "virus disaster" as it calls it) as one where 25 or more PCs/servers become infected at the same time by the same virus.

Disaster recovery costs increased by 23 per cent in 2003 to reach approximately £55,000 ($100,000) per organisation per virus disaster, according to ICSA Labs' 9th annual Virus Prevalence Survey.

The survey recorded more than 2.7 million virus encounters among the sample group of 300 last year. The group (collectively responsible for managing almost one million desktops, servers and perimeter gateways) experienced a rate of 108 virus infections per 1,000 machines per month during the year, up from 105 infections in 2002 and just 10 infections in 1996.

August 2003 - thanks to Blaster, Nachi and Mimail variants - was the worst month for these calamities, accounting for 42 per cent of the major outbreaks reported. January 2003 - when Slammer and the first SoBig hit PCs worldwide - was another bad month.

New virus types, file sharing and new replication vectors are blamed for rising infection rates.

And matters show little sign of improving thus far this year.

"The re-emergence of 'outbreak events' and the success of mass mailers in early 2004 illustrates that organizations are not making enough progress in their defence against malicious code," said Larry Bridwell, content security programs manager at ICSA Labs and author of the survey. "Organizations must take a more proactive stance in securing their networks and educating their employees, vendors must make more secure software, and anti-virus vendors must make more effective heuristic applications if 2004 is to be different." ®

Related stories

UK.biz leaves door open to hackers
Blaster beats up British business
Malicious code threats celebrate bumper 2003

The next step in data security

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.