Home > Releases > DTI survey finds virus infection biggest cause of security incident

DTI survey finds virus infection biggest cause of security incident

February 28th, 2006

Infection by viruses was the biggest single cause of the worst security incidents for UK companies in the past two years, accounting for roughly half of them, a new survey shows. Two-fifths of these were described as having a serious impact on the business, according to findings from the 2006 Department of Trade and Industry´s biennial Information Security Breaches Survey, conducted by a consortium led by PricewaterhouseCoopers LLP. The full results of the survey will be launched at Infosecurity Europe in London, 25-27 April.

The survey showed that virus infections were more likely to have caused service interruption than other incidents. Usually the disruption was minor but roughly a quarter of companies questioned who reported a virus as their worst incident had major disruption, with important services such as email down for more than a day.

The majority of UK businesses surveyed have a broadband link to the Internet (88%) and as a result, the threat from malicious software such as viruses has never been greater. UK businesses have responded and now almost every company uses anti-virus software. Despite the increased threat, fewer companies had viruses than in the last two surveys. Infection rates have dropped by roughly a third since two years ago.

While the number of companies infected has fallen since 2004, the average number of infections suffered by those affected has risen to roughly one a day. Several businesses reported hundreds of infections a day.

Key findings from the telephone survey of 1,000 companies include:

A quarter of UK businesses are not protecting themselves against the threat caused by spyware. As a result roughly one in seven of the worst incidents involving malicious software related to spyware that can download onto a computer when the user visits an unscrupulous website.

Two years ago, a small number of viruses dominated, for example Netsky and Bagle/Beagle. In contrast over the last year, no single virus has caused widespread damage. Instead the nature of viruses – and the motivation of their writers – has changed. Some malicious viruses, known as ´bots´, take over machines turning them into ´botnets” used for cyber crime and cleaning up the problems can take weeks of effort.

Patching discipline has improved: nearly nine in ten UK businesses (88%) apply new operating system security updates within a week of their release, compared with 79% of businesses in 2004.

Companies that install critical patches within a day suffered fewer virus infections than those that wait even a week.

Companies without anti-virus software did not report many infections. One explanation is that companies that suffer virus infection tend to install anti-virus software afterwards. More worrying is the possibility that the changing nature of viruses may mean that some do not realise a virus has infected their systems.

One-fifth of the companies questioned in the survey said that they do not update signature files (used to protect against viruses) within a day.

Virus infections tended to take more effort to resolve than other incidents sometimes taking over 50 days´ work to fix.

These findings are published in a factsheet – ´Viruses and malicious software´ – sponsored by security software specialist Symantec.

Chris Potter, the partner from PricewaterhouseCoopers LLP leading the survey, said:

“It´s very encouraging to see the progress that UK companies have made in installing anti-virus software and patching their systems. However, there´s a danger of fighting yesterday´s battle. Past viruses were designed to cause large amounts of indiscriminate damage typically by taking down targets´ networks. Today´s viruses have become more insidious. These programmes lie hidden on infected machines, gather information and target their strikes at valuable data. Cyber-criminals now use virus infections to get in under the radar of businesses and steal confidential data.

“The damage that viruses can cause extends beyond systems and ultimately can affect a company´s customers, business relationships and reputation in the marketplace. The threat has never been greater, so this is no time for complacency. Tomorrow´s battle has only just begun. In that battle, a multi-layer defence of patching, up to date anti-virus software and intrusion detection software offers the best protection.”


Comments are closed.