Virus Cost Estimate For 2001 Tops $10 Billion

Snootch writes: "CNN has a story on the costs of virii - they're absolutely collossal, and remember that the $10 billion figure is just *so far this year*...scary. The article gives a pretty good breakdown by virus, and while it says little else that the average /. reader won't know by now, it's an interesting read all the same. To quote Red Dwarf's Kryten, 'Smug Mode,' but I note that every single one mentioned in the article, bar one (Code Red), was a client-side Outlook virus ..."

"My other thought was this: Considering that according to the article, nearly half the money was spent cleaning infected systems out, then the virus-checker industry, and therefore the implications of Symantec's recent patent, are even bigger than I realised ... *gulp*" Of course, estimates like these are often made by people with vested interests in the effect such numbers have, and there are a lot of costs that are very tough to estimate accurately -- like sysadmin time.

Smug Mode

[Tom7]

My feeling is that most of these are Microsoft-based worms because that is the most popular platform. (And perhaps the users are less concerned about computers than we are.) There have been plenty of exploitable holes in pine, for instance; it's just that not enough people use the same version of pine for a successful worm to be built around it.

I think perhaps this is an argument for diversity more than it is an argument against Microsoft.

vmyths.com

[Satai]

vymths.com typically has debunkings of numbers like this.

It's definitely recommended reading for any geek. The introductory section is here.

I don't buy these numbers. These exorbitant figures are created from generous estimates of downtime, repair costs, and so forth. In addition, they take into consideration elements only tangentially related; I think that anybody with their Michael Shermer hat on can tell that a more serious inquiry than this is required.

(But, then again, this would be good fodder for anti-Microsoft arguments. Now how ethically responsible would that be?)

Code Red - Use the Present Tense please...

[Phrogman]

All of these articles that I have been reading lately discuss Code Red and Code Red II in the past tense. Its still out there folks and its still attacking systems. I just ran a scan of my log file for one of my systems and the following IPs attempted to attack the webserver (which is running Linux/Apache and doing just fine):

216.175.70.25 which attacked at 31/Aug/2001:04:16:29 PST

61.129.37.165 which attacked at 31/Aug/2001:10:47:55 PST

216.254.153.209 which attacked at 31/Aug/2001:13:58:40 PST

62.110.109.5 which attacked at 31/Aug/2001:14:01:40 PST

216.75.67.200 which attacked at 31/Aug/2001:14:25:52 PST

216.210.235.68 which attacked at 31/Aug/2001:14:32:04 PST

216.254.2.43 which attacked at 31/Aug/2001:19:13:21 PST

195.128.198.2 which attacked at 31/Aug/2001:20:40:38 PST

200.204.61.28 which attacked at 31/Aug/2001:21:09:45 PST

ip244.54.136.216.in-addr.arpa which attacked at 31/Aug/2001:22:30:24 PST

209.88.144.24 which attacked at 31/Aug/2001:22:52:19 PST

209.88.144.24 which attacked at 31/Aug/2001:22:53:36 PST

216.72.50.157 which attacked at 31/Aug/2001:22:54:32 PST

61.175.90.219 which attacked at 01/Sep/2001:01:18:38 PST

24.176.223.88 which attacked at 01/Sep/2001:01:25:49 PST

216.224.75.34 which attacked at 01/Sep/2001:01:49:07 PST

212.38.187.178 which attacked at 01/Sep/2001:02:45:22 PST

Now the number of attacks goes down on the weekenend and up during the week, which suggests that most of these addresses (if not all of them) are simply DHCP desktop boxes run by morons who are too stupid to download and install a patch that has been widely mentioned in the news. But the fact remains that this worm is out there and active on a ton of systems and should *not* be spoken of in the past tense.

Just my 0.45 Cents Canadian...