In-Depth

Unsolicited E-mail Tops List of Intrusions

Spam edges out viruses; legal threat rises

• By Mathew Schwartz
• 07/09/2003

The program has hit 82 percent of organizations, whereas 74 percent of organizations say they’ve been hit by computer viruses.

Offers of discounted, prescription aphrodisiacs and adult entertainment go beyond the annoying—about a quarter of organizations worry such spam will open the company to future lawsuits. Worse, almost three-quarters of respondents say spam noticeably impacts network bandwidth.

“This survey clearly shows that spam has developed into a real issue for corporate America,” says Laura DiDio, a Yankee Group senior analyst.

Still, viruses remain potent—of the 52 percent of companies that reported a security breach within the past year, 46 percent of them traced the chief culprit to viruses.

Given the ongoing threats, and despite mostly ranking security as a high priority, companies—thanks to the poor economy—mostly don’t have additional resources to bring to the fight. At 46 percent of companies, stagnant security budgets in the last year are the rule. While 41 percent of respondents will increase their security budget, it will be by less than 10 percent.

Other survey trends also echo commonly known trends (see “CSI/FBI Report: Losses Down, Vulnerabilities Up”—http://info.101com.com/default.asp?id=1705). In the past year, 51 percent of organizations suffered a security breach, and a distributed denial of service attack hit 26 percent of respondents. While 16 percent of organizations reported external hacks, internal attacks are also appreciable—4 percent say a current employee hacked the network. Ex-employees remain a threat too, with 2 percent of organizations getting hacked by former workers.