Wednesday, 06 April 2005 23:00

Virus attacks continue to escalate says survey


ICSA Labs, an independent division of security company Cybertrust, Inc. has released the results of a survey showing that the frequency of virus attacks, and subsequent costs to businesses have increased for the tenth consecutive year.


ICSA Labs conducts the Virus Prevalence Survey to measure the frequency and impact of computer viruses and malicious code in medium to large-size organizations.  The survey queries 300 companies and government agencies worldwide, gathering data on computer virus problems, the rate and methods in which encounters become actual infections, and the costs and downtime associated with the organization remedying the viruses and restoring full business operations.   The survey was sponsored by Grisoft Software, McAfee, Inc., Microsoft, Sophos, Trend Micro, Virus Bulletin, Eset, Fortinet and MIS Training Institute.

Key trends highlighted in the 2004 survey include:

'¢       Virus encounters increased by nearly 50% from 2003, with a rate of 392 encounters per 1,000 machines per month. The amount of actual infections also increased, represented by a rate of 116 infections per month.

'¢       The number of virus disasters (an incident where 25 or more PCs or servers are infected at the same time by the same virus causing significant damage or monetary loss to the organization) was up 12% from the previous year. Of the 300 respondents, 112 reported a virus disaster, over the 92 reported in 2003.

'¢       Perhaps of more significance was an increase in recovery time and costs associated with these disasters.  Recovery time rose to seven person-days and self-reported costs were estimated to be US$130,000, both significant increases of over 25% from 2003.

'¢       Malicious code is a growing problem, with 91% of respondents indicating they believe malicious code is 'somewhat worse or much worse' than in 2003. Of note: Zero respondents felt that the problem was better than last year.

'This survey shows that the malicious code problem worsened, even though 2004 was a year where there were no major worm events, such as Blaster, Sobig, Nachi triumvirate in August of 2003,' said Dr. Peter Tippett, chief technology officer at Cybertrust. 'While we may be making some progress in reducing the number of virus encounters that become virus infections, the sharp increase in the sheer number of attacks means that the affect on businesses continues to escalate. With ten years of data in hand, we can say with confidence that typical, product-oriented defensive or reactive measures are not enough to stand up to this escalation. Companies must take proactive steps to protect their information assets through intelligent practices and policies, as it is clear that increased spending on defensive technologies alone consistently fail to stem the tide.'

Studies have shown that organizations can reduce their risk of malicious code exploits by over 90% by applying tested security practices and implementing security control policies that deliver documented results, without negatively impacting the user experience. Most noteworthy is that these organizations can realize these improvements while using the same basic defensive technologies - anti-virus software, firewalls - as other similar organizations. Examples of these controls include protections such as personnel policies, practices and training, file attachment filtering; specific router configurations, email clients, email servers, web browsers, and business applications such as word processors and spreadsheets.

'Ten years of compelling data clearly indicates the virus problem shows no sign of abating, and the affect of malicious code in the terms of real impact on business continues to rise,' said Larry Bridwell, content security programs manager at ICSA Labs and author of the survey. 'All indications are that this trend will continue, as organizations continue to extend themselves beyond the traditional enterprise, creating new entry points into their networks and information assets that can in turn be exploited as points of attack for malicious code. Real progress will be made when companies rely less on defensive technologies and more on proactive security polices and practices.'

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Stan Beer

Stan Beer assists with Digital Advertising installation and monitoring of advert performance. With 35 plus years of experience working in IT and Australian technology media, Beer has published articles in most of the IT publications that have mattered, including the AFR, The Australian, SMH, The Age, as well as a multitude of trade publications. Any previous news story submissions should be director to and advertising enquires to

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News