You've probably read enough about Klez or Melissa or whatever viruses or worms are hitting people' desktops. But it's a real threat even for corporations (who still rarely report about internal intrusions -- and believe me, those ones are scary, especially when you're watching one with your system administrator.)
InformationWeek Research's recently published its fifth annual Global Information Security Survey, with the help of PricewaterhouseCoopers.
The survey, which 8,100 technology and security professionals completed, shows that 44% of companies admit they were successfully struck by a virus, worm, or Trojan horse in the past year, a dramatic decline from the 66% in the 2001 survey who said they fell victim.
Let's look at an example.
Kyanite Mining Corp. deployed Symantec Corp.'s antivirus software on all of its desktops, internal servers, and Microsoft Exchange E-mail gateways. The company also started updating software daily instead of weekly, a policy change after several successful virus attacks that led to considerable tension around the company aimed at the IT shop. "Everyone was walking around with frowny faces," David Johnson -- the IT director -- recalls.
Unfortunately, the frowns aren't gone for good, despite the glimmer of progress. Though companies are fending off viruses more effectively, the attacks that succeed appear to inflict more pain than in the past, requiring longer downtime and more money to fix. Businesses are getting better at weeding out routine hits, but the danger of more sophisticated and targeted attacks continues to grow from cyberterrorism, corporate spying, and insider attacks, especially at larger companies. And security analysts still worry that companies claiming zero attacks might not even know they've been hit.
InformationWeek provides several illustrations. Here is one.
Source: George V. Hulme, InformationWeek, July 8, 2002
5:49:54 PM Permalink