In an interview with news agency Reuters, Trend Micro’s MD Lionel Phang said he expected the cost to rise again in 2004. He based his estimate on his own company’s recently-published statistics for the volume of virus attacks and other analysts’ research into the cost of security alerts.
“The economic and financial impact of virus attacks will continue to climb in 2004,” said Phang. “The spam threat will increase exponentially, and will become the hideouts for viruses and hacking programs trying to gain an entry into the network.”
Phang also said that small and medium enterprises (SMEs) are particularly at risk.
“This is the most vulnerable market segment in 2004 as their awareness level is really low, they do not have the dedicated IT expertise, and have a false sense of security about virus attacks, thinking they are too small a target for such attacks,” he added.
Trend Micro’s calculations place the cost of viruses significantly higher than other companies’ figures. Security risk management company mi2g suggested $36.1 billion when losses in productivity and business were factored in.
Computer Economics, an independent research organisation, estimated that the SoBig virus alone cost businesses more than $1 billion, while the Radicati Group said spam had caused $20.5 billion-worth of business losses in 2003.
Trend Micro’s annual virus report, The Trend of Malware Today, highlighted the increasing use of social engineering to entice users to open malware attachments. As if to reinforce the point, anti-virus software company Sophos has warned of a new ‘phishing’ scam designed to fool users into revealing their bank details.
The culprit is a Trojan called Mmdload, which is disguised as a zipped attachment called PAYPAL.exe. The email is entitled ‘GREAT NEW YEAR OFFER FROM PAYPAL.COM!’. Just like the recent mimail.N worm, it offers recipients the chance to win money.