With an estimated 760,000 computers infected, research firm Computer Economics estimates labour costs to date associated with repairing corrupted systems at $1.29bn, with another $716m consumed by lost productivity among affected users and IT support and help desk staff.
Code Red and Code Red II, a more virulent sequel worm that began attacking systems worldwide in early August, exploit a known hole in Microsoft's Internet Information Server (IIS) software. A patch for the vulnerability has been available since mid-June.
But there's no imminent end in sight to the worms' spread, said Computer Economics vice president of research Michael Erbschloe. "My sense is we're sort of in the middle of it. It's kind of hard to call. We know people still are downloading patches from the Microsoft site."
Code Red's final cost is unlikely to eclipse the $8.7bn price tag Computer Economics hung on damage attributable to the Love Bug, a virus that swept through the IT landscape last year, he said.
"If people don't get these servers patched, this is going to go on forever, and yes, it could be more [costly] than Love Bug. But I'm really anticipating patching before that point," he said.
Computer Economics came up with its estimates by studying various news reports and expert analyses to determine a "consensus" figure for the number of computers and servers affected worldwide, Erbschloe said. The firm then lined that number up against its previously collected benchmarking data to determine an average per-server clean-up cost (ranging from $300 to more than $1,000, according to Erbschloe). Combined, those figures led the company to its $2.05bn "total economic impact worldwide" statistic.
Because Microsoft's IIS software runs on Windows NT and 2000, operating systems most commonly used by businesses, home users have been relatively unscathed by Code Red and Code Red II. Systems running Microsoft Windows 95, 98 or ME are unaffected by the virus. But devices like routers that are running IIS and are used in home networking systems, as well as high-speed Internet access networks used by consumers, could be vulnerable.
However, some cable modem service operators said they've seen little Code Red impact on their networks.
"We're continually monitoring the situation, and the impact has been minimal," said At Home spokeswoman Estela Mendoza. At Home, known by its Excite@Home brand, operates a cable modem network that serves 3.6 million residential users.
"I think things are going pretty well. We continue to have had a minimal impact from it," said Mike Luftman, a spokesman for AOL Time Warner, which operates the Road Runner cable modem service. Fewer than 1,000 of the company's 1.2 million residential customers have been affected by the worm, he said.
Road Runner and Excite@Home have experienced some localised slowdowns, but no uncontrollable breakouts, the representatives said. Both said the cost of fighting Code Red will be minor for their companies.
Two major digital subscriber line providers also expressed no worries about the worms' impact. Code Red has had minimal effect on network operations because there was enough advance planning and warning issued to customers, representatives of both providers said, asking that their companies not be identified.