Study: Virus Attacks Up But Infections Hold Steady

Last year more — and more dangerous — viruses raced across the Internet than ever, according to a new study.

The good news is that while more companies were infected last year than in 2002, the growth

in infections is actually lower than in recent years.

”I think it’s a good news/bad news thing,” says Larry Bridwell, a content security

programs manager with ICSA Labs, a division of TruSecure, a risk management company based

in Herndon, Va. ”The bad news is that we’re seeing more and more viruses, and they’re more

dangerous than ever before. The good news is that we’re doing things to mitigate against

that risk.”

The 9th Annual ICSA Labs Virus Prevalence Survey, which collected data from more than 300

medium and large businesses and government agencies, shows that the flood of virus attacks

on corporate and consumer networks is increasing at a torrential rate. The survey shows

that 88 percent of respondents think that malicious code is ‘somewhat worse or much worse’

than 2002, with only 12 percent stating the situation was ‘the same or better’ in 2003.

And the numbers back that up.

The approximate 300 companies surveyed reported 2.7 million virus encounters in all of

2003. That translates into 201 virus encounters for every 1,000 machines every month. And

those encounters brought on 108 infections for every 1,000 machines every month.

The survey also shows that the infection rate is flattening. From 1996 through 2000, there

was a 12 percent increase in infections every year. However, between 2001 and 2003, that

infection rate only increased by 2 percent or 3 percent each year.

”Due diligence has obviously been helping,” says Ken Dunham, director of malicious code

at iDefense, Inc., a security and anti-virus company. ”People are starting to make a clear

association between the cost of doing business and the interruptions that viruses cause.

They’re realizing that if they have to send users home because the network is down or if

clients can’t access their Web site, the cost is dramatic…. They’re taking more steps to

protect themselves.”

Bridwell, who worked on the survey, says the number of encounters is dramatic when you

consider that every encounter means that an IT worker had to do something to ward off

trouble.

”An encounter means that they had to deal in some way with the virus,” says Bridwell.

”Maybe they had to block something or filter an email attachment. Maybe a salesman got a

virus on his laptop and it didn’t infect the network but it had to be cleaned up.

”We’re seeing a spike in how much companies have to defend against,” he adds.

And Bridwell says the survey also shows that the viruses rolling across the Internet are

more dangerous than ever.

”These viruses are designed to attack specific vulnerabiliti3s in networks and operating

systems,” says Bridwell. ”They’re also being designed to spread faster and they’re more

complex. They have SMTP engines and they’re carrying backdoor Trojans.

That increase in sophistication means that when a company gets it, they’re more frequently

getting hit really hard.

The survey shows that 92 of more than 300 respondents reported virus disasters in 2003, an

increase of 15 percent over 2002. For an event to qualify as a virus disaster, there must

be 25 or more PCs or servers infected at the same time with the same virus, or a virus

incident causing significant damage or monetary loss to the company.

The report also shows that malicious code is costing organizations lots of money. In 2003,

disaster recovery costs increased by 23 percent to almost $100,000 per organization per

event.

Carole Theriault, a security consultant with Sophos, Inc., an anti-virus and anti-spam

company with its U.S. base in Lynnfield, Mass., says a large part of the danger comes from

the quickening pace that viruses are being released and at the lightening fast rate they’re

traveling across the Internet — and across corporate networks.

”The new threat is the sheer amount of traffic coming in,” says Theriault. ”Last August,

Sophos was receiving 400,000 copies of Sobig at its gateway. We have lots of bandwidth and

we could handle lots of traffic, but it still slowed us down. It’s like a 100,000 people

trying to get into Wal-Mart at the same time.”

Theriault points to MyDoom, Netsky-D and Sober-C as examples of big viruses that travel

fast, creating a lot of havoc in their wake.

But Bridwell also says that most of last year’s virus trouble could have been nipped at the

bud by simply stopping executable attachments from entering a network.

”What this says is that the virus writers are doing a better job of writing viruses and

fooling people into wanting to click on the attachments,” says Bridwell. ”We need to

filter out those attachments because they’re spoofing the sender’s address. They’re making

it look like the email came from the user’s own company. Let’s remember that a lot of end

users have only been using computers for eight, 10 or 15 years, and there’s a lot of

education still to be done to understand what the dangers are, and what the risks are.”

RELATED NEWS AND ANALYSIS

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2020

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020

• Anticipating The Coming Wave Of AI Enhanced PCs

  FEATURE |  By Rob Enderle,
  September 05, 2020

• The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  August 14, 2020