DTI computer crime survey shows firms suffer heavy
losses despite cut in rate of infection.
Despite a fall of 66% in the rate of infection over the past two
years, businesses are suffering significant financial losses from
computer viruses, according to the latest government computer
crime survey.
Businesses said viruses were the cause of 50% of their most
serious security breaches, the Information Breaches survey from the
Department of Trade and Industry and PriceWaterhouseCoopers
(PWC) shows.
Of these firms, 25% suffered disruption to e-mail and other
services that lasted longer than a day, with some taking up to 50
man days to disinfect their systems.
The survey, to be released in April, shows that although 95% of
firms deploy anti-virus software, 35% are still reporting virus
infections. Some businesses reported hundreds of infections a
day.
"Any single defence does not seem to be the answer in itself.
Anti-virus alone does not prevent all virus infections. Patching
alone does not prevent all virus infections. It is important for
organisations to have a multi-layer defence, with anti-virus,
patching and intrusion prevention," said Chris Potter, partner at
PWC.
Although patching has improved over the past two years, with 90%
of companies applying new patches within a week of their release,
some are leaving themselves vulnerable by taking over a month to
apply new patches.
Firms in the financial services, travel, leisure and
entertainment industries are the best at patching, with 70% of
them installing updates within a day. Telecommunications firms,
which tend to be the slowest to patch, are more likely to suffer
damage.
"Patching is a significant challenge for most companies because
of the need to test applications," said Paul Dorey, chief
information security officer at BP.
It is important to segregate servers onto different networks
from clients to protect systems while patches are applied, he
said.
Paul Simmonds, global chief information security director at
ICI, said many firms are vulnerable to viruses because the
anti-virus packages have default settings to update signatures once
a week, while others do not allow updates more frequently than once
a day.
"There is still a time lag, from the time of virus release to
the definitions being available and your systems updated," he
said.
The research shows that companies are having to defend
themselves against a far larger number of viruses and variants than
they were two years ago, when the last survey was published.
The majority of viruses are written by organised crime groups,
and are designed to surreptitiously steal corporate information, or
provide hackers with a security back door, rather than attract
attention by spreading. In some cases, firms may be unaware they
are infected, said Potter.
"We have had a number of cases where confidential information
was taken out of organisations as a result of malicious software.
Some companies ended up losing customers," he said.
Despite the growing threat, a quarter of UK businesses are not
protecting themselves against spyware. One in seven says the worst
incidents relate to spyware.
"Organised crime has used these attacks as a way into companies.
Businesses should be taking a holistic approach to security," said
Tony Neate, head of industrial liaison at the National High Tech
Crime Unit.
The full results of the survey will be launched at InfoSecurity
Europe in London on 25-27 April.