Slashdot Mirror

← Back to Stories (view on slashdot.org)

Virus Cost Estimate For 2001 Tops $10 Billion

Posted by timothy on from the say-ahhhhhh dept.

Snootch writes: "CNN has a story on the costs of virii - they're absolutely collossal, and remember that the $10 billion figure is just *so far this year*...scary. The article gives a pretty good breakdown by virus, and while it says little else that the average /. reader won't know by now, it's an interesting read all the same. To quote Red Dwarf's Kryten, 'Smug Mode,' but I note that every single one mentioned in the article, bar one (Code Red), was a client-side Outlook virus ..."

"My other thought was this: Considering that according to the article, nearly half the money was spent cleaning infected systems out, then the virus-checker industry, and therefore the implications of Symantec's recent patent, are even bigger than I realised ... *gulp*" Of course, estimates like these are often made by people with vested interests in the effect such numbers have, and there are a lot of costs that are very tough to estimate accurately -- like sysadmin time.

7 of 239 comments (clear)

  1. So we're talking either Microsoft or Microsoft? by unitron · · Score: 5, Insightful
    "...every single one mentioned in the article, bar one (Code Red), was a client-side Outlook virus..."

    Considering Code Red's favorite food, that's pretty much a clean sweep for Microsoft, isn't it?

    I guess they do bring something to the total user experience that you can't get from anyone else.

    Gotta run. A whole bunch of people hae sent me files they need my advice on.

    --

    I see even classic Slashdot is now pretty much unusable on dial up anymore.

  2. Smug Mode by Tom7 · · Score: 5, Interesting


    My feeling is that most of these are Microsoft-based worms because that is the most popular platform. (And perhaps the users are less concerned about computers than we are.) There have been plenty of exploitable holes in pine, for instance; it's just that not enough people use the same version of pine for a successful worm to be built around it.

    I think perhaps this is an argument for diversity more than it is an argument against Microsoft.

    1. Re:Smug Mode by rknop · · Score: 5, Insightful

      I think perhaps this is an argument for diversity more than it is an argument against Microsoft.

      From my point of view, an argument for diversity is an argument against Microsoft. My beef with Microsoft is not I don't like their stuff-- it's that I can't choose to use something else and have the pleasure of completely ignoring them. People still send me attachments in Word format, or require that presentations be in PowerPoint format. Web extentions still work on Windows only. I can freely ignore the Mac in everything I do. Windows users can freely ignore Linux in everything they do. But nobody can completely ignore Microsoft, simply because it's so prevalent.

      And, to the topic at hand, that includes viruses. I know of servers running sendmail on a Unix box that had to go out of their way to delete SirCam messages from users' mailboxes, because they were huge and filling up the space available. This happens because most of the E-mail sending world is using Microsoft products.

      Although the vindictive part of me would love to see Microsoft wither and die, in reality that's not what I want. What I want is for them to no longer be a monopoly or a near-monopoly. I want file formats and communications protocols to be open standards, so that anybody can develop software (proprietary or not) that will let users communicate with other users, each using whatever the hell he wants. And, then, yes, I want it so that no single virus are security hole can so easily affect 90% of the internet all at once.

      All of this diversity is at the moment squelched by Microsoft. An argument for diversity is the strongest, and most important, argument against Microsoft as it exists today. The cost of viruses is only the most obvious and urgent manifestation of this. There are more severe long-term costs of a monopoly on something so basic as computer infrastructure.

      -Rob

  3. Sircam was not an outlook specific virus by plone · · Score: 5, Informative

    Geez, you would think that on /. people would know that Sircam was not Outlook specific. I had a friend (who is rather computer illiterate) who doesn't even use outlook and stilll managed to spread the virus. Sircam doesnt just use the outlook address book for viruses, it looks through your temporary internet files for anything it seems like an email address (this is the reason why Tacoboy would whine like a sissyboy about the gigs of email he was gettign from sircam). Sircam require outlook to propogate, it had its own internal SMTp engine. Sircam was not outlook specific, merely windows specific. And i am sure that it would be really easy to make a port to linux (but i could be mistaken since i know jackshit about programming or unix). The true innovation of the sircam virus was its social engineering aspect. People are always curious to open documents, even if they know that it wasnt meant to be sent to them.

  4. SirCam? by hearingaid · · Score: 5, Informative
    every single one mentioned in the article, bar one (Code Red), was a client-side Outlook virus

    Hello? SirCam? It's an executable. It's mentioned in the article. It's a Windows executable, but it will happily infect people running Eudora on Windows, supposing of course that they are dumb.

    It is another victory for the guys at Redmond, of course.

    --

    my old sig used to be funny, but then slashcode ate it and now it's not funny anymore

  5. If you have to guess, might as well make it BIG by ch-chuck · · Score: 5, Funny

    These damage numbers are like the damages claimed in the "Hacker Crackdown" - somebody cracks into the phone company, copies one document, and gets nabbed for 'damages' to the tune of $80,000 - it later turns out that that figure included:

    1. A technical writer had been hired to research and write the E911 Document. 200 hours of work, at $35 an hour, cost : $7,000. A Project Manager had overseen the technical writer. 200 hours, at $31 an hour, made: $6,200.

    2. A week of typing had cost $721 dollars. A week of formatting had cost $721. A week of graphics formatting had cost $742.

    3. Two days of editing cost $367. `

    4. A box of order labels cost five dollars.

    5. Preparing a purchase order for the Document, including typing and the obtaining of an authorizing signature from within the BellSouth bureaucracy, cost $129.

    6. Printing cost $313. Mailing the Document to fifty people took fifty hours by a clerk, and cost $858.

    7. Placing the Document in an index took two clerks an hour each, totalling $43.

    Bureaucratic overhead alone, therefore, was alleged to have cost a whopping $17,099. According to Mr. Megahee, the typing of a twelve- page document had taken a full week. Writing it had taken five weeks, including an overseer who apparently did nothing else but watch the author for five weeks. Editing twelve pages had taken two days. Printing and mailing an electronic document (which was already available on the Southern Bell Data Network to any telco employee who needed it), had cost over a thousand dollars.

    But this was just the beginning. There were also the hardware expenses. Eight hundred fifty dollars for a VT220 computer monitor. Thirty-one thousand dollars for a sophisticated VAXstation II computer. Six thousand dollars for a computer printer. Twenty-two thousand dollars for a copy of "Interleaf" software. Two thousand five hundred dollars for VMS software. All this to create the twelve-page Document.



    So using the same rule, you can see these adjusters running around asking, "Was this PC infected by a virus last year?", "yes", "Ok, that's one $2000 PC and one $100 Outlook License, plus one hour labor, lets see, that comes to $2220 lost productivity, NEXT!".

    --
    try { do() || do_not(); } catch (JediException err) { yoda(err); }
  6. Forgetting History... by Carnage4Life · · Score: 5, Insightful

    It's rather interesting watching slashbots make smug comments about "Microsoft worms" and "Outlook viruses" when the two most damaging worms that have occured this year could have appeared on any platform.

    Code Red
    The Code Red worm is a typical worm that exploits a buffer overflow just like the Morris Internet Worm and the Ramen worm before it. Either of the aformentioned worms could have done what code red did once they had 0wn3d the boxen, they just happened not to.

    Heck, I've toyed with writing a proof of concept *nix verison of Code Red using wu-ftp vulnerabilities, rpc.statd vulnerabilities, telnetd vulnerabilities, sendmail vulnerabilities and even BIND vulnerabilities. Of course, I haven't gone much further than deciding what exploits to use and glancing at some source since I'm busy with school at the moment and more importantly I don't want to go to jail.

    Sircam
    The Sircam worm spread either through social engineering or across unprotected network shares. Neither of these requires Outlook. It didn't grab addresses out of the address book and instead grabbed them from the user's web cache. Sircam also didn't use the client mailer to mail itself out but instead included it's own mail program.
    Thus all Sircam needed to spread was clueless users. This only thing Microsoft-y about this worm is that it ran on Windows.

    All the above said, it is truly sad that on almost all popular platforms we are stil dealing with a 30 year old security problem whose causes and solutions have been known from probably before a sizable number of the slashdot population was born.