Viruses Breed Macro-Level Headaches for Companies

Despite increased and widespread use of anti-virus software, computer virus infection rates continue to increase, a new survey concludes. Viruses continue to slow down company operations, primarily due to a lack of uniform policies for regular software updates, e-mail, proper installations and remote computer use.

The survey of 300 IT professionals, conducted by ICSA Inc. (www.icsa.net) and cosponsored by Microsoft Corp., Intel Corp., Symantec Corp., and several other companies, finds the rate of computer virus infections were 48 percent higher in 1998 than they were in 1997, at about 32 infections per 1,000 computers a month. While this represents a slowdown from the previous year's jump of 109 percent, ICSA officials express concern about the climbing rate of infections.

Much of the growth is driven by the rapid proliferation of macro viruses, says Peter Tippett, ICSA president. Tippett notes that in most cases, the delivery vehicle is e-mail attachments. "Macro viruses spread easily because the infected files often exhibit few if any obvious symptoms and because computer users need real-time software to continuously scan e-mail attachments for viruses." Of those surveyed, almost 100 percent have anti-virus software installed and running continuously. Virtually all small- to medium-size companies experienced computer virus infections. ICSA added that most of the survey respondents are likely to have individuals charged with viruses and system security.

The most common macro viruses cited in this survey include Concept and Wazzu. The second most common type of virus is a boot virus, including AntiEXE and EXEbug. The survey notes that the number of boot viruses is increasing rapidly, with a doubling in infection rate during 1997.

Typically, about 120 PCs and five servers in each company surveyed were affected by each virus incident. The greatest impact of viruses, cited by almost three out of four respondents, or 72 percent, is a loss of productivity from machine or application downtime. This is down from 81 percent two years ago. Administrators are getting a better handle on managing virus outbreaks: 57 percent report that viruses made PCs unavailable to users, versus 71 percent two years earlier.

On the average, companies experiencing virus attacks had servers down an average of 43 minutes. A complete recovery took an average of 45.6 hours, 9.4 person-days of work, and an average of $2,450 in estimated costs. It should be noted that 48 percent of companies surveyed indicated zero dollars as the cost.

Exposure to and increasing reliance on the Internet is increasing a company’s risk to viruses. Six percent of respondents experienced an attack from auto-executable code, such as Java applets, ActiveX controls, or cookies. Another 72 percent believed there was a moderate to high threat level from auto-executable code. But only 27 percent had a policy on the use of these applets or controls. Among those with policies, there appears to be more concern for security in the case of ActiveX controls than of Java applets. About 39 percent of respondents with security policies allow some sort of Java applets, whereas only 21 percent allow some sort of ActiveX controls.

Full-time background scanning software has become the method of choice for managing viruses on servers. Almost two-thirds, 64 percent, of the survey group uses full-time anti-virus scanning software, up from 54 percent last year; 41 percent use periodic anti-virus scanning software, down from 56 percent.

With the advent of macro viruses, there has been more monitoring of e-mail attachments. In 1998, 39 percent of gateways had full-time anti-virus software installed, up from 29 percent the year before. There also has been some movement toward adding virus detection software to proxy servers and firewalls. About one-third of companies, 33 percent, have virus protection on firewalls, up from 29 percent in the last survey; 26 percent have protection for proxy servers, up from 24 percent the previous year.

Infections per 1,000 Computers per Month:

1996

10.25

1997

21.45

1998

31.85

Source: ICSA

 

Top 10 Viruses In 1997-98 (Infections per 1,000 computers):

WM/Concept

3.8

WM/Wazzu

2.5

WM/CAP

1.6

XM/Laroux

0.8

Stealth B or C

0.7

NYB

0.6

Form

0.2

AntiCMOS

0.15

WM/Npad

0.15

AntiEXE

0.09

AVERAGE

0.4

Source: ICSA