Report: Rise in virus attacks costs firms dearly

Not only did companies suffer more virus infections last year, but they had to also spend more--an average of almost $100,000--to cure them, according to a new survey.

Robert Lemos Staff Writer, CNET News.com

Robert Lemos

covers viruses, worms and other security threats.

See full bio

Robert Lemos

March 19, 2004 3:47 p.m. PT

2 min read

More companies suffered extensive virus infections in 2003 than in the previous year and spent on average almost $100,000 to clean up each attack, according to new research.

The Computer Virus Prevalence Survey found that last year, almost a third of the hundreds of businesses polled worldwide had suffered a virus "disaster," defined as 25 or more computers infected by a single virus in the same incident. The report was released on Friday by the ICSA Labs subsidiary of security firm TruSecure.



		Get Up to Speed on... Enterprise security Get the latest headlines and company-specific news in our expanded GUTS section.

"The re-emergence of 'outbreak events' and the success of mass-mailers in early 2004 illustrates that organizations are not making enough progress in their defense against malicious code," Larry Bridwell, a content-security program manager at ICSA Labs, said in a statement.

The survey polled 300 randomly selected companies and found that 92 had had major virus incidents in 2003, up from 80 in the year before. The cost to recover from the incidents also increased, to almost $100,000 last year from $81,000 in 2002. Moreover, nearly 11 percent of all their machines were infected every month, according to the survey.

The numbers indicate that antivirus software isn't proof against infection. Almost all of the companies surveyed said that at least 90 percent of their desktops have antivirus protection, but still a third of the companies suffered virus disasters.

The issues is not that such software doesn't work, but that it is inherently reactive, Bridwell said. First, a virus has to be detected, and then a cure has to be created and downloaded to all antivirus tools.

"No matter how fast the antivirus industry is, no one can react fast enough," he said. "Corporations are having to be much more proactive in their policies."

The MSBlast worm, also known as Blaster, affected the most computers among the businesses surveyed, infecting almost 130,000 systems of the some 960,000 computers used by the companies. Other top threats were the Microsoft SQL Slammer worm and the Sobig and Klez mass-mailing computer viruses.

More than 80 percent of virus disasters involved one or more computer servers. The servers had to be taken down for an average of 17 hours as a result, the report said. While companies estimated the average dollar cost of a virus disaster at nearly $100,000, the most common answer was much less, at $10,000.

More than three-quarters of respondents said that outages had caused a loss of productivity, and two-thirds indicated that a major effect of an attack was to make a PC inaccessible. Corrupted files and inaccessible data were the other top virus effects.

Microsoft and antivirus firms Network Associates and Trend Micro sponsored the report.