Information Security News mailing list archives
Virus Threat's Bad And Getting Worse - ICSA Survey
From: William Knowles <wk () C4I ORG>
Date: Tue, 24 Oct 2000 15:02:18 -0500
http://www.computeruser.com/news/00/10/24/news7.html

By Kevin Featherly
October 24, 2000

The number of corporations infected by viruses this year has risen by 20 percent, with the pace of infections accelerating rapidly, according to a report issued Monday by anti-virus consulting firm ICSA.net.

Larry Bridwell, content security program manager for ICSA Labs in Carlisle, Penn., and a study co-author, said the company's 2000 report indicates the danger for corporate "virus disasters" is worse now than it has ever been in the six years that ICSA has been conducting its annual virus surveys.

"When we see the number of incidents per 1,000 machines in a company effectively doubling every year over a five-year period, it's a wake-up call," Bridwell told Newsbytes Monday.

According to the survey, companies reporting computer virus disasters increased more than 20 percent in the last year and continue to accelerate.

The survey is based on a poll of more than 300 companies that have 856,000 PCs, conducted this year. Among its findings:

- For a typical company, losses in productivity associated with viruses are rising, estimated to cost between $100,000 and $1 million per company annually.

- Forty percent of companies report data losses due to viruses, a 23 percent increase over 1999.

- Two-thirds of companies experienced file problems stemming from incoming viruses, up from half of companies in 1999.

"Virtually all of the companies responding to the survey (99.67 percent) experienced at least one virus encounter during the survey period," according to the report's executive summary. "Only one company claimed not to have experienced such an encounter. The group of 300 organizations had 303,356 encounters on 855,899 machines ... for the years 1998, 1999 and early 2000."

That translates to more than 160 encounters per 1,000 machines per year, or about 14 encounters per 1,000 machines per month over the survey period, the report states.

The numbers represent the fifth consecutive year of increased corporate virus incidents, according to the report.

The threat to individual Net users also is expanding, Bridwell indicated. He said that recent high-profile assaults involving the e-mail viruses Melissa and the Love Bug - or Love Letter, as it also is known - are indicative of the new seriousness of the problem.

"Melissa sort of spread in a few days. Love Letter spread in a few hours because it took the limitation off and sent it to everybody in your (e-mail) address book," Bridwell said. "The trend in virus-writing seems to be to write viruses that use the Internet connectivity and use a worm payload."

This means that many current worm-like viruses designed to besiege companies and private Net users no longer require any human touch. That makes them unlike older viruses that tended to require a host program or attachment file in order to replicate, and which often were spread by diskettes passed from machine to machine.

"A worm only needs Internet connections; weak points in security," Bridwell said. "They don't need human intervention to spread. ... So these mass-mail or worm-like viruses or worm-like payloads tend to be much faster than humans."

Bridwell said that, when projected to the future, one of the most alarming things about the current virus trend is that the Internet itself is becoming so pervasive in American life at the same time that most of the computing world continues to rely on a single operating system - Windows - which can be easily targeted because of its very dominance.

Windows-reliant corporations, governmental agencies, and private citizens alike rely on the Net more every day to conduct their normal business, expanding the risks ever further, Bridwell said. That problem is only likely to worsen, he said.

"One of the things that concerns us," Bridwell said, "is that if these things are growing at this rate - with the number of Americans we have connected to the Internet, and the number of people worldwide - what happens when we start having pervasive connections such as DSL and cable, where people are connected all the time?"

Asked if he believes that the threat of relatively innocuous e-mail worms serves as a warning about much more serious cyber-terrorism threats, Bridwell hedged, saying that ICSA prefers to act as the voice of reason with regard to those risks. But he didn't deny that the shadow of cyberterrorism may loom in the report's findings.

"I will say this: with the ever-increased functionality of programs, the increased use of the mass-mail technology - while I wouldn't necessarily say 'terrorism' - I would say pointed attacks are more easily accomplished and more likely in the future. That would not rule out in the future, I would say, some sort of terrorist attack," he said.

"Do I think that it's there now for terrorism? No, I don't think so," he continued. "I think there is a wake-up call that we begin to look at those, because the more we put our faith in the Internet and the more companies and government agencies that use the Internet for their normal business operations, we do leave ourselves open."

Bridwell said the answer is a combination of "quality" virus detection systems applied to all areas of a company's computing system - from the desktop to the e-mail gateway to the firewall. But that is merely the front-line approach, he said. It needs to be augmented with more "holistic" protections, including measures like barring entry to incoming e-mails with .doc attachments, or barring any e-mail attachments whatsoever.

ICSA.net is a consultant that makes its money by surveying corporate virus risks and implementing anti-virus systems.
The company's Web site says its lab sets standards, performs research, tracks and measures risks and certifies 98 percent of the market's anti-virus systems.

*==============================================================*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com