Viral outbreaks became more frequent and expensive last year, according to a study by security testing outfit ICSA Labs released today.
Almost one in three (30 per cent) of 300 organisations surveyed by ICSA Labs reported a serious virus outbreak last year, compared to 15 per cent in 2002. ICSA Labs defines a serious virus outbreak (or "virus disaster" as it calls it) as one where 25 or more PCs/servers become infected at the same time by the same virus.
Disaster recovery costs increased by 23 per cent in 2003 to reach approximately £55,000 ($100,000) per organisation per virus disaster, according to ICSA Labs' 9th annual Virus Prevalence Survey.
The survey recorded more than 2.7 million virus encounters among the sample group of 300 last year. The group (collectively responsible for managing almost one million desktops, servers and perimeter gateways) experienced a rate of 108 virus infections per 1,000 machines per month during the year, up from 105 infections in 2002 and just 10 infections in 1996.
August 2003 - thanks to Blaster, Nachi and Mimail variants - was the worst month for these calamities, accounting for 42 per cent of the major outbreaks reported. January 2003 - when Slammer and the first SoBig hit PCs worldwide - was another bad month.
New virus types, file sharing and new replication vectors are blamed for rising infection rates.
And matters show little sign of improving thus far this year.
"The re-emergence of 'outbreak events' and the success of mass mailers in early 2004 illustrates that organizations are not making enough progress in their defence against malicious code," said Larry Bridwell, content security programs manager at ICSA Labs and author of the survey. "Organizations must take a more proactive stance in securing their networks and educating their employees, vendors must make more secure software, and anti-virus vendors must make more effective heuristic applications if 2004 is to be different." ®