Slashdot Mirror


What's The Actual Cost of A Virus?

ThosLives writes "CNN Money just posted a story that says the MyDoom virus may cost businesses $250M. My favorite quote is that for small to medium businesses with 400 or less employees, the estimate is between $48,000 and $58,000 cost to 'secure themselves' from the particular virus. Does anyone know where that number comes from? If one can charge a year's salary to fix one virus, I'm in the wrong job! Any input out there on the real, hard costs of things such as virus protection?"

4 of 526 comments

  1. Re:Actual Cost of a Virus / SCO by PowerBert · · Score: 5, Informative

    We use MailScanner which can work with Sendmail or exim and it supports many different AV programs.
    It doesn't just do viruses though, it can run Spam checks (with or without the help of spamassassin), Filter out (and remove) dangerous HTML, filter/remove file attachments and has lots of other useful features.

    Definitely worth checking out.

  2. Re:Actual Cost of a Virus / SCO by thesupraman · · Score: 5, Informative

    Well, let's see.

    I provide consultancy and external admin to a 'mid sized company' who got hit by this in the last couple of days. This is a company with around 50 on-site employees and an annual turnover in the region of $40 Million.

    My filters let through two instances of the virus before they automatically updated their defs.
    One went to a windows machine and infected it.
    One went to a mac, and did not.
    None of around 7 internal Linux servers were affected of course.

    I knew very quickly which machine had an infection, as it was trying to send more viruses via the smtp server (which was by then blocking them) - we are not NEARLY stupid enough to give employees direct internet access via NAT!

    I blocked the access to the smtp server for that single machine (didn't even need to track down who it was) and they called me about 30 minutes later, when they next tried to send an email, letting me know who they were.

    I asked them to download and run the cleaner program, which they did, so I re-enabled them. Their machine made no further attempts, so I suspect it is fine.

    I also installed another layer of virus scanning just for the hell of it, and re-tuned their anti-spam setup with the latest versions.
    (clamav, http://www.clamav.net)

    Total cost to them:
    2 hours of my time at $60US/hour.
    1 hour of employee's time (overestimating here), say $60US/hour.

    A moderate amount of traffic on their link (we are blocking around 1/minute at present for this virus, but it is dying pretty fast) - they pay a fixed link cost, so don't really care.

    So there we go - let's call it $200US total cost, and they got some useful systems updated as part of that.

    I didn't even have to leave my home office.

    So, your point was?

  3. Re:Actual Cost of a Virus / SCO by Twylite · · Score: 5, Informative

    Your costs need a little inflating ;) Add the following:

    • It tends to cost a company three times your salary to employ you (including office space, equipment, salary and benefits, etc). That's closer to $120 per hour for your hypothetical worker.
    • Losing 1/2 hour productivity means paying out $120 without getting in the minimum of $150 the company should be trying to make out of your time. This means an actual cost of $120, but an economic cost of $270, per employee.
    • Annual subscription to a commercial desktop antivirus: $25 per employee. Without this you have no hope of cost-effectively containing a virus that hits you before there is a patch for the mail/file server anti-virus. Add extra for commercial products with easy-to-use remote administration for all those end-user desktops; and even more for network admin time if there is no remote administration.
    • Any company that has to take down their mail server due to volumes generated by a worm (and it happens a lot), and that is reliant on e-mail for internal communication (also very common), can write off $270 per employee per hour that the server is down. That's up to $27000 per hour in a 100-person company. Ouch.
    • Now imagine a multinational with +2500 employees that has to take all their mail servers offline for 36 hours to clean up. It's happened. It's expensive.
    --
    i-name =twylite [http://public.xdi.org/=twylite], see idcommons.net

  4. Re:Actual Cost of a Virus / SCO by NetJunkie · · Score: 3, Informative

    Filter attachments. We stopped this virus and all the ones before it since I've been at my present job. Usually AV updates are several hours behind... even though we use AV engines based in different parts of the world (to hop time zones on updates).

    I filter anything that can be executed by the user. That's the best defense you can do.
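
The attachment filtering described in comment 4, sketched as an added example (not code from the thread or from MailScanner or any other product named in it). The extension blocklist, the function names and the sample message are assumptions constructed for illustration; the check looks at the final extension so double extensions are caught, looks one level inside zip archives, and treats an unreadable archive as blocked.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed blocklist of user-executable extensions (illustrative, not exhaustive).
BLOCKED_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd",
               ".vbs", ".js", ".cpl", ".lnk", ".hta"}

def is_blocked(name):
    """True if the final extension is executable (catches 'photo.jpg.scr')."""
    name = name.strip().rstrip(". ").lower()  # Windows drops trailing dots/spaces
    dot = name.rfind(".")
    return dot != -1 and name[dot:] in BLOCKED_EXT

def blocked_attachments(raw):
    """Return the attachment names a mail gateway should strip or quarantine."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        if is_blocked(name):
            hits.append(name)
        elif name.lower().endswith(".zip"):
            payload = part.get_payload(decode=True) or b""
            try:  # look one level inside archives for executable members
                with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                    hits += [f"{name}!{m}" for m in zf.namelist() if is_blocked(m)]
            except zipfile.BadZipFile:
                hits.append(f"{name} (unreadable archive)")  # fail closed
    return hits

def build_sample():
    """Constructed message: one benign attachment, two that should be blocked."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.doc.pif", b"constructed placeholder bytes")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "report"
    msg.set_content("see attached")
    for fname, data in [("notes.txt", b"hi"), ("photo.jpg.scr", b"x"),
                        ("docs.zip", buf.getvalue())]:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=fname)
    return msg.as_bytes()

if __name__ == "__main__":
    print(blocked_attachments(build_sample()))
```

Because the decision depends only on names, it keeps working during the hours before antivirus definitions are updated, which is the gap the comments above describe.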