Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

The Impact of Worms and Viruses

Worm attacks are taking a high toll on business globally. This is a major concern because of the sheer number of new worms that have been introduced over the past 12-18 months, coupled with a rising mobile workforce that can now connect to Internet resources from anywhere. In addition, there is an increasing ineffectiveness of traditional malicious code detection technologies, such as anti-virus software, to detect and block new worms.

For nearly half the enterprises polled by the 2004 CSI/FBI Computer Crime and Security Survey, the costly cycle recurred up to five times a year, while another 12 percent were victims of more than 10 attacks a year. The surveyed enterprises reported a combined loss of $55 million due to this one problem-about 40 percent of their total losses from all types of network security incidents. Nearly all of these enterprises had invested in firewalls and anti-virus solutions. But the worms still got in and left an estimated $475,000 in remediation costs (in the case of Blaster) per infected company.

By the Numbers
Computer Economics, Inc. notes these significant findings in their report, The Impact of Malicious Code:

  • The three largest worms of 2003, Sobig, Nachi, and Blaster, affected systems globally and caused close to $5 billion in damages.
  • From February 2004 to May 2004, several variants of MyDoom, Netsky, Bagel and Sasser caused over $11 billion in damages worldwide. This was the highest four-month total ever.
  • The financial impact of viruses from 1995 to 2004 has grown from $500 million to $16.7 billion.

What are the costs that are used to calculate the damages associated with worms and viruses?

  • Labor: This includes the cost to analyze and repair all infected systems
  • Tools: Both hardware and software tools that need to be purchased to get the network back into working order
  • Productivity loss: Network downtime often means that employees will not have access to critical applications for their jobs
  • Lost income: The revenue that is lost during network downtime

Data such as this has forced effective defense against worms to become a critical security component for today's organizations in order to ensure productivity and business continuity.