The Almighty Buck The Internet

What's The Actual Cost of A Virus? 526

ThosLives writes "CNN Money just posted a story that says the MyDoom virus may cost businesses $250M. My favorite quote is that for small to medium businesses with 400 or less employees, the estimate is between $48,000 and $58,000 cost to 'secure themselves' from the particular virus. Does anyone know where that number comes from? If one can charge a year's salary to fix one virus, I'm in the wrong job! Any input out there on the real, hard costs of things such as virus protection?"
  • by DarkHelmet ( 120004 ) * <mark&seventhcycle,net> on Thursday January 29, 2004 @04:36AM (#8121717) Homepage

    Let's see...

    The cost of securing your mail server from viruses includes...

    1. Download of Antivirus for sendmail [freshmeat.net]
    2. Installation of said program. (Which is about a day if you factor in moron-ness)
    3. Keep new viruses in check.
    4. The cost of 400 yellow post-it notes saying "DO NOT OPEN FILE IF EXE OR SCR!" (as a contingency plan).

    The total cost of protecting a company from *all* viruses that go to their business accounts runs around $200 maximum.

    Any moron who works at a company and opens said attachment should be fired anyway. So in the long run, the company actually *saves* money by all these worms going out.

    So that must mean that SCO must be rewarding the MyDoom author for all the extra money they keep from firing morons at their company that open those attachments. Wait... that can't be right...

    • by cubicledrone ( 681598 ) on Thursday January 29, 2004 @05:03AM (#8121834)
      Any moron who works at a company and opens said attachment should be fired anyway.

      So remember folks: all those years of school, training, reading, getting up at 5:30AM, working your ass off, overtime, weekends, holidays, sitting in meetings, telling your asshole boss how smart he is...

      ...all reverse vacuumed into the shitpipe because you made one mistake. There's no excuse for being human in an inhuman workplace. Take your parting gifts, pack up your shit and get the fuck out. Time to watch your career get destroyed.
      • by Black Parrot ( 19622 ) on Thursday January 29, 2004 @05:48AM (#8121964)


        > So remember folks: all those years of school, training, reading, getting up at 5:30AM, working your ass off, overtime, weekends, holidays, sitting in meetings, telling your asshole boss how smart he is...

        > ...all reverse vacuumed into the shitpipe because you made one mistake. There's no excuse for being human in an inhuman workplace. Take your parting gifts, pack up your shit and get the fuck out. Time to watch your career get destroyed.

        You're talking to the CIO that moved the company to Microsoft products, right?

        • You're talking to the CIO that moved the company to Microsoft products, right?

          At least HE didn't catch the virus. He still gets his email printed out. His only risk is from papercuts.

      • I know what you're trying to say, but seriously, however tired I am - however stressed I am - even if I'm so out of it that I try to make myself a coffee and forget to boil the water first - I have NEVER for a moment failed to recognise a virus email the moment I saw it.

        Oh, sure, companies should provide one one-day training course on virus recognition, to protect the truly ignorant.

        But after that, anyone who still falls for them should be fired, because they shouldn't be in a job which involves reading e
        • After 15 years in the programming business, and 8 years mucking about on the internet, on Tuesday I caught my first virus.

          Yes I'm usually careful, but I opened the attached zip file out of curiosity - I've never heard of an exploit of Winzip before.

          Two minutes later we got instructions from our sysadmin to apply the new McAfee patch, which detected it. So rip out the network cable, then track down the latest version of Stinger from a co-worker's machine, run it, reboot, run again, then a full system scan.
          • I don't think this thing is exploiting WinZip, is it? I know it's using WinZip to get through firewalls, but I hadn't heard that it exploited WinZip directly. I thought you still had to run the enclosed .scr or .exe yourself.

            Cuz if so I'd better get cracking. I'd unzipped one of these earlier. I don't seem to be infected but one never knows.
    • by PowerBert ( 265553 ) on Thursday January 29, 2004 @05:05AM (#8121842) Homepage
      We use MailScanner [soton.ac.uk] which can work with Sendmail or exim and it supports many different AV programs.
      It doesn't just do viruses though, it can run Spam checks (with or without the help of spamassassin), Filter out (and remove) dangerous HTML, filter/remove file attachments and has lots of other useful features.

      Definitely worth checking out.
    • by Anonymous Coward
      You know, I've always wondered if BSD-type "jails" could be implemented on windows in regards to email messages containing attachments, or if such a thing exists, why isn't it widespread to cut virus propagation?

      Sort of like isolating Outlook, which runs attachments in a virtual server where viruses would be locked in a controlled environment and fail to spread outside of that system.

    • by gujo-odori ( 473191 ) on Thursday January 29, 2004 @05:12AM (#8121857)
      That's not even close to the cost, even if you work very, very cheaply.

      The cost of anti-virus and related is the least part of the equation, even factoring in the admin's time, and I don't care *how* cheaply you work. Not even if you're a volunteer.

      The real cost is factored more like this:

      - Staff hours that are lost looking at false bounces (or worse, getting infected, something which is very common) and having to correct that

      - Helpdesk hours that are lost answering questions from people with a mailbox full of bounces for stuff they didn't send (or we hope not);

      - Helpdesk hours that are lost disinfecting the machines of all those who clicked the attachment. Mostly, the same ones who fell for it last time, too.

      - Sysadmin hours that may be spent on watching over stressed mail queues to make sure they don't get full, and dealing with potential mail backlogs.

      Those are three broad areas, I'm sure the accounting department could tell me a bunch more of their favorites.

      Let's say you make $20 per hour at your job. The cost of your benefits is probably also about $20/hour, assuming health insurance, etc. Heck, it could be more. But let's go with $40/hour as the total cost of your compensation for this example.

      Now, let's say you lost 30 minutes of productivity to a worm. OK, $20 bucks that your company spent on having you do something other than your job function. But, you're way smarter than most of your colleagues. You didn't click it. You've just wasted 30 minutes initially looking at what it was, deleting more copies that came in, and deleting bounces, and you never even called the help desk. Most people are probably at one hour, maybe more. Lots more, if they got infected.

      If by some chance it works out that the average cost of compensation (salary + benefits) in your company is $40/hour, and you have 100 employees and on average each person lost 30 minutes to the worm (again, I bet it's hard to get the number that low in most companies when a big worm like this appears), that's $2000 right there. Antivirus software is not even factored in because you either had it already or not, but either way, it's not a directly related expense.

      OK, that was the first day. People will deal with more crap in their mailboxes tomorrow, and the day after and quite a few days after. At least for a week, you might expect to have a company-wide average of 30 minutes per person, per day, spent on things related to the worm.
      Now we're at $10,000.

      This all assumes that no data was damaged or destroyed (if it was, the monetary value of that data, if irreplaceable, is charged. For replaceable data, the cost of an admin restoring it is charged).

      And don't think your average will probably be that low. If a lot of people get infected, your helpdesk staff and sysadmin staff will probably be spending the majority of their time on this problem for at least a week. In a typical 100-person company with a Windows machine on every desk, you may be really lucky to get away with $10,000 chargeable to the worm.

      I work for a well-known mail filtering company, and I'm getting a front-row seat for the impact this is having. It's large, even for companies that have our services. If you have tens of thousands of employees, you're going to see a lot of bounces coming in, and those divert staff time to deal with them.

      Now, imagine you have tens of thousands of employees and you're not using a service like ours. You're going it alone. Your admins. Your equipment. Your anti-virus software which you hope gets the new signatures before the worm gets to you. Your admins and helpdesk staff are working their butts off for at least a week, probably more (not that they weren't already busy). You might have hundreds or even thousands of infected machines to deal with. Countless bounces. Suddenly, you find yourself looking at a cost reaching into the hundreds of thousands of dollars. Not a pretty sight.

      While
      • by Anonymous Coward
        Don't forget that some infectors are network enabled and will try to spread to all uninfected computers on your network. Since you don't have a method that stops those (if you did, it wouldn't have spread), you'll end up having to take down the network to clean the machines without them getting re-infected by their neighbors. (This gets really ugly in big companies)

        Ok, infections can (keyword can) be very expensive for a company, but there is a tendency for "software" issues to inflate the numbers they u
      • by thesupraman ( 179040 ) on Thursday January 29, 2004 @06:19AM (#8122071)
        Well, let's see.

        I provide consultancy and external admin to a 'mid sized company' who got hit by this in the last couple of days. This is a company with around 50 on-site employees and an annual turnover in the region of $40 Million.

        My filters let through two instances of the virus before they automatically updated their defs.
        One went to a windows machine and infected it.
        One went to a mac, and did not.
        None of around 7 internal Linux servers were affected of course.

        I knew very quickly which machine had an infection, as it was trying to send more viruses via the smtp server (which was by then blocking them) - we are not NEARLY stupid enough to give employees direct internet access via NAT!

        I blocked the access to the smtp server for that single machine (didn't even need to track down who it was) and they called me about 30 minutes later, when they next tried to send an email, letting me know who they were.

        I asked them to download and run the cleaner program, which they did, so I re-enabled them. Their machine made no further attempts, so I suspect it is fine.

        I also installed another layer of virus scanning just for the hell of it, and re-tuned their anti-spam setup with the latest versions.
        (clamav, http://www.clamav.net)

        Total cost to them:
        2 hours of my time at $60US/hour.
        1 hour of employees time (overestimating here), say $60US/hour.

        A moderate amount of traffic on their link (we are blocking around 1/minute at present for this virus, but it is dying pretty fast) - they pay a fixed link cost, so don't really care.

        So there we go - let's call it $200US total cost, and they got some useful systems updated as part of that.

        I didn't even have to leave my home office.

        So, your point was?
      • by Twylite ( 234238 ) <twylite&crypt,co,za> on Thursday January 29, 2004 @07:45AM (#8122387) Homepage

        Your costs need a little inflating ;) Add the following:

        • It tends to cost a company three times your salary to employ you (including office space, equipment, salary and benefits, etc). That's closer to $120 per hour for your hypothetical worker.
        • Losing 1/2 hour productivity means paying out $120 without getting in the minimum of $150 the company should be trying to make out of your time. This means an actual cost of $120, but an economic cost of $270, per employee.
        • Annual subscription to a commercial desktop antivirus: $25 per employee. Without this you have no hope of cost-effectively containing a virus that hits you before there is a patch for the mail/file server anti-virus. Add extra for commercial products with easy-to-use remote administration for all those end-user desktops; and even more for network admin time if there is no remote administration.
        • Any company that has to take down their mail server due to volumes generated by a worm (and it happens a lot), and that is reliant on e-mail for internal communication (also very common), can write off $270 per employee per hour that the server is down. That's up to $27000 per hour in a 100-person company. Ouch.
        • Now imagine a multinational with +2500 employees that has to take all their mail servers offline for 36 hours to clean up. It's happened. It's expensive.
        • these rules applied, what's the actual cost of a virus story on /. ?
      • by ozric99 ( 162412 ) on Thursday January 29, 2004 @08:04AM (#8122442) Journal
        I work for a well-known mail filtering company, and I'm getting a front-row seat for the impact this is having. It's large, even for companies that have our services.

        Now, imagine you have tens of thousands of employees and you're not using a service like ours. You're going it alone. Your admins. Your equipment. Your anti-virus software which you hope gets the new signatures before the worm gets to you. Your admins and helpdesk staff are working their butts off for at least a week, probably more (not that they weren't already busy). You might have hundreds or even thousands of infected machines to deal with. Countless bounces. Suddenly, you find yourself looking at a cost reaching into the hundreds of thousands of dollars. Not a pretty sight.

        Nice advert for your services, you forgot the URL ;)

        I work in a 100% NT4 desktop corp environment (our admins, our equipment) and we have around 40,000 users on various domains. We use Exchange and Outlook. Wanna know how many of these "deadly" worms we've had infect our systems in the last 3 years I've been working there? None

        There's nothing inherently deadly about MS stuff in a corp environment as long as your admins and engineers are worth the money they're paid. Frankly I welcome hearing how much cash companies are supposedly losing with this - let it be a kick up the backside. :)

      • The cost of anti-virus and related is the least part of the equation, even factoring in the admin's time, and I don't care *how* cheaply you work. Not even if you're a volunteer.

        wait a damned minute. Are you an employee there? would you get paid even if this outlook worm did not exist? oh you forgot that did you.

        and you forgot that typically IT workers are hired as EXEMPT status and therefore can be worked after hours for FREE.

        I know that you are good at enron style of accounting from your post, but
      • Actually, it really *is* possible to get your costs down to an insignificant level in a small business.

        Firstly, my email server bounces all emails with attachments like .exe, .scr, .pif, and the like. No virus coming in, and it generally buys enough time until the anti-virus software can be updated. Cost? Free. Setup time? Less than half an hour, and lasts indefinitely.

        Secondly, I have Symantec Antivirus Corporate Edition installed on a server and on all client workstations. It automatically downloads new
    • by Anonymous Coward
      The cost is not actually an actual loss as in they have to pay for it. It is more of an opportunity cost.

      What they mean is instead of using the time to fix up and repair the damages of the virus, that time could have been used generating profit for the business.

      Since they are not being productive during the time the virus is being sorted out they are losing money because of it. Hence the cost of fixing viruses.
      • by Nogami_Saeko ( 466595 ) on Thursday January 29, 2004 @06:43AM (#8122133)
        The real reason for the inflated damage estimates is that it sounds impressive in the media, which generates FUD, which generates more viewers, which sells advertising space.

        If a virus came out and the news reported it as causing "a few thousand dollars of damage across north america", would anyone give a damn? So the news directors and reporters try and figure out a more "interesting" damage estimate that they can broadcast. So, pump up those numbers! The virus caused $250 MILLION OF DAMAGES, suddenly sounds impressive and formidable.

        It has about as much bearing as when the RIAA sues people for tens or hundreds of millions of dollars because "the song they had shared 'could' have been sent to everyone on the planet, thus depriving the record company of any profits whatsoever".

        The reality is that in the office I work for, one person clicked on the attachment and got their machine infected. He continued working as normal and called the IT guys who came around and fixed it.

        Total lost productivity time? A 30 second phone call. Total lost revenue? $0.

        Compared to people just plain ol' "slacking on the job", viruses do a negligible amount of damage.

        Funny how you never hear about the '$50 billion in lost revenue' from employees taking three 15-minute "smoke breaks" every day.
    • by Snad ( 719864 ) <mspaceNO@SPAMbigfoot.com> on Thursday January 29, 2004 @05:31AM (#8121917)

      The cost of 400 yellow post-it notes saying "DO NOT OPEN FILE IF EXE OR SCR!"

      You don't even need this one. Just strip all incoming executables at the mail server so the user never gets anything dangerous to click on.

      We did that (at an admittedly small - just under 100 user) site using MailMarshal [marshalsoftware.com], now known as NetIQ Marshal.

      There's never any good reason to send an executable file via e-mail anyway. Software updates etc are better accessed through ftp or straight off the web. Self extracting archives (zip files) are unnecessary given the number of free decompressors available if the company is too cheap to pay for licenses.

      Blocking all (Windows) executables is easy in most filtering software, removes the worry of not being up to date with anti-virus library files, and works 100% of the time.

      This was back in the days of the good old Anna Kournikova, ILoveYou and similar viruses. We had exactly zero infections, and zero problems.

      Yes you can still get viruses in other ways (if some damn fool downloads a virus direct from a website) but how often does that actually happen? They all come via e-mail, and propagate via e-mail - be it your server or their own SMTP connection.

    • by Alioth ( 221270 ) <no@spam> on Thursday January 29, 2004 @05:32AM (#8121925) Journal
      A better thing is to simply reject all emails with attachments, except for very specific ones on your allow-list that are known safe (for example, .jpg). This way, even if you get a virus that your virus scanner doesn't yet recognise - it gets rejected. There are other methods of sending files that don't require email.

      As for anyone who opens attachments, it's fine to say that when you've got at least reasonably computer savvy users. However, many small companies have one computer 'expert' (which may be the boss's son) and a computer illiterate workforce who knows how to type a letter in Word and send an email. They don't know what EXE or SCR is and are unlikely to remember. They might be fabulous truck drivers on the other hand, who've never had a wreck and who always get their vehicle to where it's going on time. Why fire them for a mistake in something they have little knowledge about?
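
The server-side filtering described in the two comments above (strip known executable types, or accept only an allow-list), as an added Python example that is not part of either comment or of any product named in the thread. It goes one step further and reads the member names of zip attachments, since the thread notes this worm arrives zipped. The function names, the extensions beyond .exe/.scr/.pif/.jpg, and the sample messages are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions named in the thread, plus assumed extras (.com, .bat, .cmd).
BLOCKED_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}
# Allow-list: .jpg is the thread's example; the other entries are assumed.
ALLOWED_EXT = {".jpg", ".png", ".txt", ".pdf"}


def final_ext(name):
    """Last extension of the base name, ignoring trailing dots and spaces
    (Windows discards them, so 'a.exe. ' still runs as an executable)."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    base = base.strip().rstrip(". ").lower()
    dot = base.rfind(".")
    return base[dot:] if dot != -1 else ""


def ext_problem(name, mode):
    """Return a reason string if this file name violates the policy."""
    ext = final_ext(name)
    if mode == "blocklist":
        return f"{name!r}: blocked type {ext}" if ext in BLOCKED_EXT else None
    if ext in ALLOWED_EXT:
        return None
    return f"{name!r}: type {ext or '(none)'} not on allow-list"


def attachment_problem(filename, payload, mode):
    """Check one attachment; zip archives are judged by their member names."""
    if final_ext(filename) != ".zip":
        return ext_problem(filename, mode)
    try:
        # Only the directory listing is read; members are never decompressed.
        with zipfile.ZipFile(io.BytesIO(payload)) as zf:
            members = [n for n in zf.namelist() if not n.endswith("/")]
    except zipfile.BadZipFile:
        return f"{filename!r}: unreadable archive"
    for member in members:
        if final_ext(member) == ".zip":
            return f"{filename!r}: nested archive {member!r}"
        problem = ext_problem(member, mode)
        if problem:
            return f"{filename!r} contains {problem}"
    return None


def check_message(raw, mode="allowlist"):
    """Return the list of policy violations for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    problems = []
    for part in msg.walk():
        filename = part.get_filename()
        if filename is None:  # body text and multipart containers
            continue
        payload = part.get_payload(decode=True) or b""
        problem = attachment_problem(filename, payload, mode)
        if problem:
            problems.append(problem)
    return problems


def make_zip(names):
    """Constructed sample data: a zip holding placeholder members."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"constructed placeholder bytes")
    return buf.getvalue()


def build_sample(filename, payload):
    """Constructed sample data: a message with one attachment."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed test message"
    msg.set_content("see attachment")
    msg.add_attachment(payload, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    padded = "document.txt" + " " * 20 + ".scr"  # padded double extension
    samples = {
        "jpg": build_sample("photo.jpg", b"\xff\xd8\xff"),
        "zip+scr": build_sample("message.zip", make_zip([padded])),
        "doc": build_sample("report.doc", b"constructed"),
    }
    for label, raw in samples.items():
        for mode in ("blocklist", "allowlist"):
            print(label, mode, check_message(raw, mode) or "accept")
```

The `report.doc` sample shows the difference between the two policies: the block-list lets an unlisted type through, while the allow-list rejects anything it was not told to accept.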
    • Actually, that's more like the cost to NOT get viruses. They're talking about how much it costs if you don't do that stuff, and have to clean up afterwards (and pay someone else to tell you how).
  • by DotNM ( 737979 ) <<matt> <at> <mattdean.ca>> on Thursday January 29, 2004 @04:41AM (#8121733) Homepage
    Another thing that's expensive and not to be forgotten is the bandwidth of sending all this crap spam. Why should the recipient of these messages bear the costs of the bandwidth essentially wasted because of these messages.
  • Why do you care? (Score:4, Insightful)

    by ObviousGuy ( 578567 ) <ObviousGuy@hotmail.com> on Thursday January 29, 2004 @04:42AM (#8121736) Homepage Journal
    This is one of those hand-waving statistics that is useful for showing the business leaders, but it's practically useless in day to day network protection.

    These numbers used to be in the billions of dollars, but now they are more reasonable in the millions. If anything, it shows a trend in the perception of the value of data in a downwards direction. Everyone thinks data is some really important thing which should have a high value, but as more and more data is brought into the open (including, but not limited to, source code) the value of data drops.
    • is that for the download of a free email client, Mozilla, none of these fake losses would be incurred.

      The articles about losses from email worms consistently fail to address the problem of crap email clients (or more correctly, THE crap email client) that causes this problem. They also give the same two pieces of advice, "use anti-virus software and don't open attachments", conspicuously leaving out the most important advice: change your email client.

      Is it because they are embarrassed that they use this sam
      • Re: (Score:3, Interesting)

        Comment removed based on user account deletion
      • In other words, they "can't live without" the scheduling, etc. that Outlook and Exchange provides.
        Mozilla Mail doesn't provide the scheduling- and even if it did, it's not integrated into the framework like Outlook's is. Same goes for Pegasus Mail, Eudora, and any of the other programs out there.
    • These numbers used to be in the billions of dollars,
      That's right, the expected attack on SCO will cost them a BILLION dollars unless they can attach lasers to the heads of enough sharks in time. Some people expect others to believe their fantasy worlds.
  • It's a lie (Score:2, Insightful)

    by Anonymous Coward
    The truth of the matter is that it doesn't cost this much. People claimed that rtm's worm in 1988 cost $10 million due to losses in the stock market. But stocks come back up to what they were once people aren't scared anymore. No one lost money (except rtm who lost $10k).

    As has been said 100 times before, there are 3 types of lies: lies, damned lies, and statistics. This is just another case of statistics being used to lie.
  • by Moderator ( 189749 ) * on Thursday January 29, 2004 @04:43AM (#8121739)
    Virus making is actually a good way to make profits. Hire one guy to write the virus, a few hundred thousand dollars spent on writing an antivirus program, and then sell millions of copies of said program at $50 apiece to people whose PCs were infected when they opened a program called Happy99.exe from Grandma.
    • by cioxx ( 456323 ) on Thursday January 29, 2004 @05:25AM (#8121899) Homepage
      1. The market is already flooded [google.com] with anti-virus applications, many of which are free.

      2. No business would invest into an application made by a freshman software company. They would choose experience and mindshare over empty, unsubstantiated promises.

      3. It doesn't take few hundred thousand to write a decent AV application. You can create one on a shoestring budget and package it under $10,000 or less.

      4. You're assuming none of the AV products would be able to provide a "fix" for said virus, which would create a market for this fresh application. In the AV world, there is no such thing as "exclusive fix" to a widespread problem.
    • Hire one guy to write the virus, a few hundred thousand dollars spent on writing an antivirus program,
      It's not as if we're short of viruses - that's a really strange and silly conspiracy theory.
      Couples are gay. People who want to be "together" should be shot "together."
      Another weird attitude. Hey, let's play spot the virgin!
  • Wasted time! (Score:5, Insightful)

    by Gavin Rogers ( 301715 ) <grogers@vk6hgr.echidna.id.au> on Thursday January 29, 2004 @04:43AM (#8121741) Homepage
    The biggest cost of these sort of virus is time.

    Time waiting for your 'net link to do what you've paid for it to do while your email server chokes on hundreds of incoming virus emails.

    Time wasted by tech staff explaining to every user at least once to not click that file (or if the organisation has virus scanning) to ignore the ten dozen "virus has been nuked" warning emails.

    Time wasted by staff who have to spend time ignoring this junk, replying to warnings about the thing from their naive friends and family emailing them CNN URLs and saying, "is this for real?"

    Time wasted making sure the company virus protection is up to date on laptop machines that get infected at home on 'raw' Internet connections then get plugged into the pristine corporate network in the morning. Time wasted fixing machines that weren't caught in time.

    This sort of cost really adds up...
  • Education (Score:3, Insightful)

    by DotNM ( 737979 ) <<matt> <at> <mattdean.ca>> on Thursday January 29, 2004 @04:44AM (#8121747) Homepage
    But also, I feel user education can help a lot. Companies need to start implementing some sort of formal e-mail and internet usage training when people join the company and a refresher every so often.
    • Re:Education (Score:3, Interesting)

      by dev11 ( 635413 )
      I don't see "training" doing a whole lot. How many high profile email virii have there been now? Someone would have to be living in a cave not to have heard of an email virus. But they still open unknown attachments. My boss, no less, opened an attachment and got infected.

      But seriously, this whole thing only took about 2 hours or so of my time. Blackhole the infected machine at the firewall, check mail logs, remove the virus, update AV pattern file, about an hour. Of course, another hour is wasted respo

  • by Anonymous Coward on Thursday January 29, 2004 @04:44AM (#8121748)
    Do your math: you say between $48K and $58K per small biz, so let's take a lowly $50K average. The sum is supposed to be $250M, which is only 5000 times those $50K.

    are there only 5000 small businesses out there?
    i think not.
    So those $48K to $58K must certainly be understood as a "worst case" figure applying only to a fraction of businesses out there
  • The Numbers (Score:4, Funny)

    by RetiefUnwound ( 472931 ) on Thursday January 29, 2004 @04:45AM (#8121752)
    Probably came from a 'Network Security Consultant', not a network engineer. The cost of course includes the hours billed by the consultant, who advises you on how to 'secure' your network.

    Remember, a consultant is someone who'll steal your watch, then make you pay them to tell you the time.

  • by a.koepke ( 688359 ) on Thursday January 29, 2004 @04:45AM (#8121753)
    If you get infected you have the cost of fixing the computers, downtime and lost productivity, loss of earnings, etc. All of this can add up to many thousands of dollars.

    The company I work for has not become infected, the only cost of the virus is stupid bounce back messages and an hour of my time fine-tuning our mail server config. Due to this the virus has cost us something, but it's hardly worth mentioning.

    The cost of having a good anti-virus system is really easy to justify.

    • by Tune ( 17738 )
      You don't pay tax over loss in earnings. That should make many managers and accountants *VERY* happy. Now how come you *NEVER* find even a rough estimate of the cost of viruses and worm attacks on the financial balance presentations of *ANY* corporations.

      I mean, $48000-58000 for each attack is a lot on the balance of a healthy 400 employee company ($3,000,000 revenue, $100,000 EBITA).

      --
      I cannot conceive that anybody will require multiplications at the rate of 40,000 or even 4,000 per hour -- F. H. Wales
  • Yesterday I spent at least a couple of hours clearing some spyware from a PC: it had completely infiltrated the registry, was replacing all attempts to reach other web sites via MSIE with its own page, killing Mozilla, killing the various anti-spyware programs... OK, killing various processes with names like 'sistem' and deleting a bunch of recently-installed DLLs helped me recover control.

    But I pity the millions of people whose PCs are infested with dialers, trojans, browser-infecting gremlins. These are not technical 'viruses' because they don't propagate. But they are very serious time wasters,
    • I agree that stuff like this is serious. Take a 30-computer lab, allow students to access it, and 27-29 will have Gator or its ilk on them after about two weeks. I remember a particularly nasty one (xlime) that would start ~100 new IE windows, maxing the CPU and using up all of the swap until the machine crashed. It's all preventable. Teach people to avoid banner ads, naked pictures, and strange .exe/.scr files. And then threaten them with something serious if they don't listen.
    • people whose PCs are infested with dialers, trojans, browser-infecting gremlins.

      ...endless sewers of blackened, soot-encrusted filth, seeping down into the corners of a stinking festering catacomb of disease-ridden, maggot-infested swill, bubbling through the rusted, cracked pipes and valves of a twisted disgusting maze of dripping, greasy rot.

      Sounds great. :)
  • HA HA HA (Score:3, Funny)

    by dnahelix ( 598670 ) <slashdotispieceofshit@shithome.com> on Thursday January 29, 2004 @04:45AM (#8121758)
    Securing your business against a virus: $58,000

    Reading about it on my Mac: Priceless

    • Despite what Windows pundits would have you believe, Linux and Mac OS alike don't get fewer virii because of lower market share (lower market share?!? I smell a pissing contest), but because they have no mechanisms in place out of the box where a user can receive e-mail with an executable file which can be activated with a single click. Not a double click, mind you; a single click and Outlook will launch a .exe attachment. (Oops, I meant to hit "Delete" or "Reply" -- There goes the corporate network)

      If Mic
  • by Anonymous Coward
    The cost isn't just the guy who "downloads the anti-virus-defs". The cost comes from machines not being usable for some time before the worm is under control, from people who have to sort through hundreds of junk bounces, from preemptively switching passwords on all infected and related systems. The sad thing is that it's hardly possible to prevent these costs. That would raise the value of the IT department close to the avoided costs. But how do you defend against users who activate worms while actively wo
  • How much of that money goes towards antivirus companies' corporate (or otherwise big) virus killer licenses? How many companies will decide to buy additional services or software from the antivirus maker, like personal firewalls or spam filters?

    Sure, IT companies in general might complain about huge losses, but for antivirus software makers the same losses might mean profits. Not 1:1 of course. If viruses wouldn't exist, those companies would be out of business (duh). And every virus that gets out in the w
  • MyDoom virus - $250M
    400 or less employees - $58,000
    DDOS SCO - priceless

    There's some news money can't buy. For everything else, there's Slashdot. :)
  • In Australian dollars:
    • A couple of hundred dollars in extra traffic costs
    • About a hundred dollars of my time plus about 20 minutes downtime for the financial controller as I learnt how to clean it off a PC -- the other two infections I removed with no downtime (the users weren't even at their PCs when I fixed it and didn't know they were infected until after it was fixed).

    Total cost at this business probably didn't exceed A$400. We're "medium". 19 core staff, 80-odd contractors.

    It would have been less of m

  • I'd imagine the cost has to be comprised of a few factors.

    1. How many man hours were spent to keep services available
    2. Cost of actual flow of income if it was interrupted (contacts, sales, etc)
    3. Cost required to protect against next wave. This could be to hire another person on staff, additional software, contractors for a few days, etc.

    There could be more, but those are the first that came to mind...

    I talked to friends in a few different large companies. They weren't really affected last time I ta
  • Cost is one thing, who is responsible for that cost is another. I was somewhat stunned to find that, on a windows system, just clicking an attachment pointed it directly off to the OS to handle, whether that be a pdf, a txt, or a .exe file. This was on Win2000, so I can't say for sure if newer versions do the same. I suspect they may, as one of the reasons given that MS isn't responsible for any virus spreading by a pro windows guy I know, was that:

    "It doesn't matter which mail client you use, if you clic
  • by ChaoticLimbs ( 597275 ) on Thursday January 29, 2004 @04:54AM (#8121798) Journal
    Our office mail server is a linux box. It's a nice little redhat, properly administered. Haven't had a bit of trouble. Major government contractor across town has NT all over, massive problems. Of course, our email server doesn't allow .exe, .scr, .vbs extensions for attachments at all. There's a few more that are disallowed. The server replaces those attachments with a .txt file which states that a file has been removed.
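
The server-side filtering described in the comment above, sketched as an added example that is not part of the original post and not the poster's actual configuration. It uses Python's standard `email` package; the function names, the notice wording, the `removed.txt` file name and the sample message are assumptions made for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# The three extensions named in the post; the poster's server blocks "a few more".
BLOCKED_EXTENSIONS = {".exe", ".scr", ".vbs"}


def is_blocked(filename):
    """Return True if the attachment name ends in a blocked extension."""
    if not filename:
        return False
    # Windows drops trailing dots and spaces from file names, so
    # "tool.exe." must be treated like "tool.exe".
    name = filename.strip().rstrip(". ").lower()
    return os.path.splitext(name)[1] in BLOCKED_EXTENSIONS


def strip_blocked_attachments(raw_bytes):
    """Replace blocked attachments with a text notice.

    Returns (message, removed) where removed lists the original file names.
    """
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    removed = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers hold no attachment data themselves
        filename = part.get_filename()
        if is_blocked(filename):
            removed.append(filename)
            notice = f"The attachment {filename!r} was removed by the mail server.\n"
            # set_content() discards the old payload and Content-* headers first.
            part.set_content(notice, disposition="attachment", filename="removed.txt")
    return msg, removed


def build_sample():
    """Constructed test message: one blocked and one allowed attachment."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "staff@example.com"
    m["Subject"] = "constructed sample"
    m.set_content("See attached.")
    m.add_attachment(b"MZ constructed bytes", maintype="application",
                     subtype="octet-stream", filename="report.SCR")
    m.add_attachment(b"%PDF constructed bytes", maintype="application",
                     subtype="pdf", filename="notes.pdf")
    return m.as_bytes()


if __name__ == "__main__":
    cleaned, removed = strip_blocked_attachments(build_sample())
    print("removed:", removed)
    print([p.get_filename() for p in cleaned.iter_attachments()])
```

A filter keyed on the file name does not look inside archives, so a .zip that contains an .exe, the case another commenter in this thread describes, passes through unchanged.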
  • by dbIII ( 701233 ) on Thursday January 29, 2004 @04:56AM (#8121807)
    These things get blown out of proportion to feed egos.

    One good example is in the Bruce Sterling non-fiction book "The Hacker Crackdown" - which can also be read online. To sum up, the financial cost of getting a particular document taken from a mainframe was given as the total cost of the mainframe, a terminal and the salaries of a bunch of people going up the hierarchy from the person who wrote the document, for far longer than that person actually spent working on that document (ie. paying for someone to write it at the rate of a few words a day, someone else to stand behind them and look over their shoulder for days, someone behind them etc). The defence proposed that the actual worth of the document was the few bucks plus postage that other people paid for it when they ordered it from the company over the phone.

    Opportunity costs are difficult to calculate, one missed email and you could have been a contender - on the way to fame and fortune - but it's more likely that the email is just spam.

  • If by now you haven't gotten clued in and protected yourself against the wave of viruses that have eaten windows for lunch for the past 5 years then you as a business deserve to waste thousands of dollars on this one.

    If you can't be bothered to hire people who have no sense then to open everything that comes to them without seeing what it is then you deserve to waste thousands of dollars on this.

    If you can't be bothered to have someone on your staff who is qualified to run your network and not just the person
    • Yeah, if you don't have a decent antivirus program on every windows box in your office (with daily virus updates on servers) then your company has serious issues.
      The REAL serious issue is that they're giving NETWORKED computers to people who will open a .zip file attached to an email that doesn't seem addressed to them, see an .exe file in there and DOUBLE CLICK IT!!!
      Before anyone touches a computer, people need to be told that the internet is a hostile area where theft and fraud occurs with complete an
  • Does anyone know where that number comes from? If one can charge a year's salary to fix one virus, I'm in the wrong job! Any input out there on the real, hard costs of things such as virus protection?"

    It isn't just one person working on the virus.
    With really bad viruses it will take a week of work, if you are lucky and it doesn't spread too badly.

    You probably have the entire server/desktop team working on the updated anti-virus software and how to deploy it.

    You have the entire Tech Support team who ac
  • Things such as repairing the machine after the virus is activated by dumb user

    productivity lost by user, files lost etc.

    severance pay for dumb user
    hiring fees for the replacement (ad costs etc)

    Of course when the dumb user is also the boss/owner of the company it can cost a whole new computer just for starters (Dual G5 with everything) and a lot of time reshuffling computers to incorporate this one into the company plus new firewalls

    Yep those viruses can be costly
  • by Anonymous Coward
    it seems like it would actually be LESS expensive for businesses to run Mac or Linux boxes than Windows. Or at least use a mix of OSes so not everything is vulnerable.

    Perhaps that would be sound corporate IT strategy?
  • It's very simple: all the staff should be taught NOT to open email attachments containing the usual bad file-endings. That's one 5 to 10 minutes meeting.

    On a funny side, awareness for viruses can be achieved by putting up posters like this:
    Safer Surf [feisar.de].
  • by ajs318 ( 655362 ) <sd_resp2@@@earthshod...co...uk> on Thursday January 29, 2004 @05:06AM (#8121845)
    Well, Mandrake Linux fits on three CDs, so I'd say the cost of securing a business against virus attacks is about 75p.

    The reason why so many attacks are against Windows is that Windows is usable by complete morons -- and, as an inevitable result, you get complete morons using it. Yes, we all know GNU/Linux requires a little tech savvy. You don't get smart enough to use GNU/Linux without first learning that running just any old programme when you don't have the faintest idea what it does, is a bloody stupid thing to do. On the other hand, any living advertisement for the pro-choice movement can fire up Windows XP and get their computer riddled with malware in a twinkling. Why? Because Windows is too easy to use.

    It's a perfect illustration of reverse evolution in action. You try to make something idiot-proof, then nature only goes and comes out with a dafter idiot.

    You could never make a car that a five-year-old could drive safely -- and even if you could, it would necessarily lack so much functionality it would barely be usable. Really, there's no point trying -- it's better to issue full driving licences only to adults and only on completion of a test. And then we don't have to suffer the consequences of cars that would be driveable by five-year-olds.

    The very fact that GNU/Linux naturally weeds out complete retards probably explains why there are not -- and will never be -- as many GNU/Linux exploits as there are Windows exploits.
    • by blincoln ( 592401 ) on Thursday January 29, 2004 @06:13AM (#8122049) Homepage Journal
      I know this may come as a shock, but there are plenty of careers where computers are a tool, not an end in and of themselves.

      I work in IT for a large retailer in the US. Most of our non-IT people are paid well because they sell lots of merchandise to customers and keep them coming back. People who are good at that tend *not* to have the time to learn how to use something like Linux.

      I used to have a similar sort of superior attitude about the vast majority of people out there who don't understand computer issues in any sort of detail. Then I started noticing how irritating it was when people who were specialized in other fields - e.g. medicine, car mechanics - did the same thing to me.

      I can understand giving someone a bit of trouble if they're clueless *and* work in a tech-related field, but not if they just use computers as a tool for getting something else done.

      Do you honestly know how to disassemble and repair your car and home appliances, or perform surgery? My body gets more use than my home or work PCs by default, but I can't perform more than basic repairs on it. Does that make me a moron? No, it just means that I do something else for a living.
      • by blincoln ( 592401 ) on Thursday January 29, 2004 @06:28AM (#8122103) Homepage Journal
        In fact, I just had a vivid image of a doctor visiting a bunch of children in Iraq who'd lost limbs from playing with those cluster bombs that look like food packets and saying "You did what? Don't you retards know not to open unfamiliar packages?"

        See how petty and insulting it sounds when it's in relation to another line of work? That's how the "dumb user" attitude makes tech workers look to people in other fields.
      • by fizbin ( 2046 ) <martinNO@SPAMsnowplow.org> on Thursday January 29, 2004 @07:47AM (#8122394) Homepage
        I know this may come as a shock, but there are plenty of careers where computers are a tool, not an end in and of themselves.
        And this may come as a shock - although I can't perform basic repairs on my car, and no one expects me to be able to, when I use my car as a tool to get me to and from my job, I am still held responsible for basic user cluefullness. I am expected to pay attention to all of my actions while using this tool, and no one thinks that it should be otherwise.

        That's all the poster asked for - he doesn't ask for people to be able to fix a bug in one of their init scripts. He doesn't even ask for the minimum of skills I would expect for a specifically technical job. He just asks that people not step on the accelerator when an interesting brick wall appears in front of them.

        Obviously, the consequences of being clueless with your computer are nowhere near the consequences of being similarly clueless with your car. However, the idea that you can be held responsible for paying attention to those actions you do perform is not unthinkable. Simply being aware of what you're doing should not be too much to ask.
    • +5 - Reverse Insightful, I'd say.

      You have highlighted exactly why Windows is used in the majority of offices - it's easy, familiar, agnostic with regards to security, and cheaper than employing people that could cope with KDE or Gnome.

      naturally weeds out complete retards

      probably explains why it will never be the desktop of choice - Apple learnt long ago to cater to total retards, and has the media business sewn up as a result.

  • in bandwidth.

    I've managed 3 separate networks, small to medium thus far, over the past several years. Sobig? blaster? MyDoom ( clamav: worm.sco.a/b )? Klez? My networks have never been touched.

    Yes, they are win32 based on the client, and linux based on the server. But, due to a strong policy and me doing my job, my networks remain virus free.

    If any network gets bitten by this, the IT staff needs a serious looking at. An IT staffer who would let this happen to their network should be given the boot
    • I completely agree with that!
      Many companies run badly designed virus scanners, that rely on up-to-date virus signatures, determine file types by looking at the name, and send "virus warning" messages to the "sender" of the message.

      Running this below-par scanning software, which is often considered "enterprise strength" in Windows e-mail environments, is a big part of the problem in every outbreak.
  • I think those numbers must include the time spent reading about the virus on Slashdot, I think this is the 4th article in 2 or 3 days...
  • Most chemists/pharmacies and even supermarkets these days will sell you protection from particularly nasty viruses [trojancondoms.com]. Cost is about a-dollar-a-pop, so to speak ;-)

    Of course, at the rate these computer viruses are spreading, a-dollar-a-pop (ie per person per exposure) rapidly becomes a significant amount of cash.

    Obviously a whole-lotta-poppin-goin-on.
  • by Quizo69 ( 659678 ) on Thursday January 29, 2004 @06:04AM (#8122021) Homepage
    The notion that ordinary users should pay to have virus protection seems rather antiquated in this age of mass mailing worms etc that have more effect on businesses than homes.

    I personally use a great freeware antivirus program from a German company called AntiVir (www.free-av.com), which gives it away for personal use but requires commercial use to have a licence (as a nice aside, it is WAY more efficient than the bloated Norton apps). This makes sense, as it's businesses that keep telling us they're losing millions of dollars when a virus hits them, whereas home users might be inconvenienced for a little while but not seriously affected in most instances.

    How about having the government recommend some free antivirus programs, or even require companies to sponsor antivirus companies, since it's in their interests to do so?
  • Strange numbers (Score:3, Insightful)

    by retro128 ( 318602 ) on Thursday January 29, 2004 @06:17AM (#8122067)
    Where oh where do they get these figures? At my company we have two lines of defense...One is TrendMicro for Exchange and the other is NAV Corporate Edition. Anything that doesn't get stopped at the SMTP server will get picked up by Norton. I figure the two of them combined cost somewhere around $1000-$1500 to cover all of our workstations. Besides that, the only cost the virus is incurring is my time looking over the logs, which basically have been saying the same thing over and over for the last three days. This is a far cry from the $48,000 - $58,000 they say it takes to secure yourself from one teeny little worm virus.

    If the virus got in, the cost of fixing it would be based on the method of removal, how many computers got infected, and what the downtime costs our business. These are three variables that certainly can't be guessed. Something tells me they just pick out numbers that are big enough to impress the media and small enough to avoid losing whatever credibility they have left.
  • by Eggplant62 ( 120514 ) on Thursday January 29, 2004 @06:57AM (#8122215)
    I work for a small computer service company in the Detroit area. We get typically $149/hour for operating systems/software support. Given the case of a small company with 20 workstations and a server for their employees to use that has nothing in place for virus protection, and that most, if not all machines have become infected, figure this: .25-.75 hours per machine to disinfect, .25 hour to load new AV software per machine, download updates for program and signatures, etc...

    Figures to 21 hours max at $149/hour... $3129 in labor. Norton AV Corporate edition with 25 seat licensing (don't forget, that server is included as a seat, and you can only buy in 5, 10 and 25 seat increments) costs $869.00 per Symantec's website. With the 30% markup my employer would add and state sales tax added, that comes to software costs of $4326.48.

    Figure in any additional labor to reinstall any software or operating system components that were damaged by the infection and you've got one whopper of a bill for a small business to drop because a multibillion-dollar corporation cannot spend the proper amount of money and time to thoroughly investigate and secure their operating system products. Then figure in the cost of annual subscription fees to download updates to the virus updates (I don't recall the actual figures for annual subscription fees, but my sister's company has three pc's in a peer-to-peer environment and each machine costs $20 annually for that subscription). Pretty hefty.
  • by logicassasin ( 318009 ) on Thursday January 29, 2004 @07:13AM (#8122270)
    Considering that there's a lot of us in the IT sector out of work, Virii can be a godsend. Why? 'Cause, even if it's only for a week or so, we get called by the local contract companies to clean it up. I did a 2 week stint at Honeywell in Phoenix doing just that. I was unemployed when they got hit by whatever virus back in August and got the call to help with its cleanup. This later turned into a longer contract to help out their PC Techs clean out their ticket backlog caused by the virus; some 2000 or so tickets generated and left untouched during the cleanup. We were out there for a total of 5 weeks.

    Stuff like this, large companies needing to outsource virus cleanup, is also a major factor to be considered when looking at those numbers. Figuring that the contract companies got an average of $25/hr for each of us and multiply that by the initial order of just over 100 techs for the first 2 weeks of cleanup (Honeywell has numerous, large facilities around Phoenix), and you see just how much money these things can cost a company.
  • by edunbar93 ( 141167 ) on Thursday January 29, 2004 @07:17AM (#8122283)
    I'm the sysadmin for a small ISP. Here's our rough figures:

    New mail server, bought last February: $2500
    FreeBSD 4.8: $0.
    Qmail: $0.
    Vpopmail: $0.
    qmail-scanner: $0.
    Spamassassin: $0.
    F-prot antivirus for unix file servers: $400/year/server.
    My time*: $3000.
    Moving from sendmail to qmail and watching sendmail admins patching: priceless.
    Moving from sendmail to qmail and watching server load averages go from 20 to 0.02: priceless.
    Adding on spamassassin server wide and watching server load averages go from 0.02 to 3.0: well, it's still better than sendmail was.
    Watching the server eat 30,000 viruses a day during the MyDoom attack after months of hard work: totally righteous.

    There are some things money can't buy. For everything else, there's my Boss' Mastercard. Accepted in places where Open Source Software impresses geeks like me.

    * I'd never before used any of the software listed above. It took a while to learn it all in between tech support calls.
  • Potential Loss (Score:5, Interesting)

    by div_2n ( 525075 ) on Thursday January 29, 2004 @08:57AM (#8122686)
    I used to work at a company that does storage and fulfillment for Toyota Motor Manufacturing. They have a contract that says for every hour they can't deliver product, they owe Toyota $100,000. So if a virus were to knock them offline for a 5 hour period, they would lose $500,000 on fines alone.
