Europe wide open to virus attacks

European businesses are losing billions of pounds each year as a result of internet viruses, but many are still failing to take...

European businesses are losing billions of pounds each year as a result of internet viruses, but many are still failing to take basic measures to ward off attacks, such as keeping anti-virus software up to date, according to a survey by McAfee security.

UK and French companies were particularly bad at keeping their anti-virus software up to date, with only 39% in the UK and 40% in France claiming they had updated in the past week, followed by Italy, with 46% and Spain with 73%.

In Germany, on the other hand, only one in ten of firms said they operated with no anti-virus protection at all. In Britain and Spain, only 1% said they were not protected. Spain, unique in Europe, has laws requiring businesses to have security systems and keep them up to date.

McAfee Security commissioned the survey of 500 small to medium-sized businesses in the UK, Italy, Spain, France, Netherlands, and Germany from Taylor Nelson Sofres.

While only smaller firms were directly represented in the study, poor security by companies and consumers affects any internet-connected business, because worms use infected computers to generate more infected junk e-mail messages and attacks, security experts said.

Anti-virus company Sophos estimated that one third of all spam is now relayed by consumers and businesses unaware that their PCs are infected with remote-access Trojans (Rats). But businesses were largely unaware of such dangers, with only 20% not knowing that  viruses could send e-mail messages to recipients listed in their PC's address book, and 48% not knowing  viruses could secretly store pornographic content on their computer.

"Any unprotected user, whether corporate, small business or end-user, becomes part of the problem," said McAfee European product manager Jack Clark. "We need to encourage people to use what virus protection they have."

Two-thirds of French respondents, and more than half in Germany admitted they could have unknowingly forwarded an infected e-mail to colleagues and other businesses.

Firms are not neglecting to protect themselves out of a false sense of security - more than a third said they felt more at risk from viruses than a year ago. And companies are well aware of the consequences of virus outbreaks, which can be particularly hard-hitting for smaller companies: firms said on average each attack cost them £3,000 in lost business time.

In France, half of businesses had to shut up shop for the duration of a virus attack, the largest percentage in Europe.

Companies reported other ill effects as well, including what McAfee calls "cyber-rage".

One-in-four Spanish respondents admitted to shouting at their colleagues as a result of receiving large amounts of spam, while 15% of Germans swore at their computer screen. The difficulties of modern computing induced "feelings of disgust" in 15% of the Dutch, the survey revealed.

In Spain and the Netherlands, more than half of companies said they had been affected by a virus in the past 12 months, compared with 21% in Germany.

Concern has not necessarily translated into action, however, with 45% of UK companies and 54% in the Netherlands listing security as a "low" priority.

In the long term, Clark agreed that internet messaging systems such as e-mail will need to be redesigned with authentication, but  will not be araound for at least a decade.

Matthew Broersma writes for

Read more on IT risk management