Wednesday, 06 April 2005 23:00

Virus attacks continue to escalate says survey


ICSA Labs, an independent division of security company Cybertrust, Inc. has released the results of a survey showing that the frequency of virus attacks, and subsequent costs to businesses have increased for the tenth consecutive year.


ICSA Labs conducts the Virus Prevalence Survey to measure the frequency and impact of computer viruses and malicious code in medium to large-size organizations.  The survey queries 300 companies and government agencies worldwide, gathering data on computer virus problems, the rate and methods in which encounters become actual infections, and the costs and downtime associated with the organization remedying the viruses and restoring full business operations.   The survey was sponsored by Grisoft Software, McAfee, Inc., Microsoft, Sophos, Trend Micro, Virus Bulletin, Eset, Fortinet and MIS Training Institute.

Key trends highlighted in the 2004 survey include:

'¢       Virus encounters increased by nearly 50% from 2003, with a rate of 392 encounters per 1,000 machines per month. The amount of actual infections also increased, represented by a rate of 116 infections per month.

'¢       The number of virus disasters (an incident where 25 or more PCs or servers are infected at the same time by the same virus causing significant damage or monetary loss to the organization) was up 12% from the previous year. Of the 300 respondents, 112 reported a virus disaster, over the 92 reported in 2003.

'¢       Perhaps of more significance was an increase in recovery time and costs associated with these disasters.  Recovery time rose to seven person-days and self-reported costs were estimated to be US$130,000, both significant increases of over 25% from 2003.

'¢       Malicious code is a growing problem, with 91% of respondents indicating they believe malicious code is 'somewhat worse or much worse' than in 2003. Of note: Zero respondents felt that the problem was better than last year.

'This survey shows that the malicious code problem worsened, even though 2004 was a year where there were no major worm events, such as Blaster, Sobig, Nachi triumvirate in August of 2003,' said Dr. Peter Tippett, chief technology officer at Cybertrust. 'While we may be making some progress in reducing the number of virus encounters that become virus infections, the sharp increase in the sheer number of attacks means that the affect on businesses continues to escalate. With ten years of data in hand, we can say with confidence that typical, product-oriented defensive or reactive measures are not enough to stand up to this escalation. Companies must take proactive steps to protect their information assets through intelligent practices and policies, as it is clear that increased spending on defensive technologies alone consistently fail to stem the tide.'

Studies have shown that organizations can reduce their risk of malicious code exploits by over 90% by applying tested security practices and implementing security control policies that deliver documented results, without negatively impacting the user experience. Most noteworthy is that these organizations can realize these improvements while using the same basic defensive technologies - anti-virus software, firewalls - as other similar organizations. Examples of these controls include protections such as personnel policies, practices and training, file attachment filtering; specific router configurations, email clients, email servers, web browsers, and business applications such as word processors and spreadsheets.

'Ten years of compelling data clearly indicates the virus problem shows no sign of abating, and the affect of malicious code in the terms of real impact on business continues to rise,' said Larry Bridwell, content security programs manager at ICSA Labs and author of the survey. 'All indications are that this trend will continue, as organizations continue to extend themselves beyond the traditional enterprise, creating new entry points into their networks and information assets that can in turn be exploited as points of attack for malicious code. Real progress will be made when companies rely less on defensive technologies and more on proactive security polices and practices.'

Read 8301 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Stan Beer

Stan Beer has been involved with the IT industry for 39 years and has worked as a senior journalist and editor at most of the major media publications, including The Australian, Australian Financial Review, The Age, SMH, BRW, and a number of IT trade journals. He co-founded iTWire in 2004, where he was editor in chief until 2016. Today, Stan consults with iTWire News Site /Website administration, advertising scheduling, news editorial posts. In 2016 Stan was presented with a Kester Lifetime Achievement Award for his contribution to Australian IT journalism.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News