Virus encounters, virus disasters, malicious code — and the recovery time and costs associated with these events — are on the rise, according to a new survey.
Cybertrust division ICSA Labs’ 10th Labs Virus Prevalence Survey shows that viruses in 2004 increased nearly 50 percent over the previous year, reaching 392 encounters per 1,000 machines each month. The amount of actual infections also increased at a rate of 116 infections per month. And virus disasters rose 12 percent from the previous year.
The increase in recovery time and costs associated with these disasters is increasing. ICSA found that the recovery time rose to seven person-days, and self-reported costs were estimated to be US$130,000, both significant increases of over 25 percent from 2003.
The survey also shows that malicious code is a growing problem, with 91 percent of respondents indicating they believe malicious code is “somewhat worse or much worse” than in 2003. No respondents felt that the problem was better than last year.
Wanted: Proactive Corporations
“All indications are that this trend will continue, as organizations continue to extend themselves beyond the traditional enterprise, creating new entry points into their networks and information assets that can, in turn, be exploited as points of attack for malicious code,” said Larry Bridwell, Content Security Programs manager at ICSA Labs and author of the survey.
“Real progress will be made when companies rely less on defensive technologies and more on proactive security polices and practices.”
According to Cybertrust, measures including personnel policies, practices and training, file attachment filtering, and specific router configurations act as an additional layer of protection.
No Magic Bullet
Ken Dunham, the director of malicious code research at iDefense, a Reston, Va.-based threat intelligence firm, told TechNewsWorld that there is no magic bullet to stop the attacks. Due diligence, he said, is the key to reducing the number of malicious attacks that are costing companies downtime and lost dollars every year. He likens hackers to lions in the jungle seeking to devour corporate electronic assets.
“Imagine if a lion was hunting you out in the African safari,” Dunham said. “You would make sure every single move you made was carefully planned so the lion couldn’t find you because you know once he finds you it is almost impossible to avoid serious injury or death. There’s a lot to be said for preventative measures and training employees to have a multi-layered defense plan.”