We attribute the drop in direct cost damages to two factors, one good, one bad.
- The good factor is that, in our estimation, the antivirus vendors do a pretty good job of thwarting malware attacks before they can become the massive worldwide storms that organizations experience in previous years. It's been some time since we've seen an attack like the Love Bug in 2000, or even MyDoom, Netsky, or Sasser in 2004.
- The bad factor is that much of the drop in direct damages has to do with the changing nature of malware. Malware authors these days aren't writing viruses, worms, and trojans primarily to cause damage, but to make money. To make money, you don't damage the host computer--you keep it running to serve as a spam proxy, or to perpetuate click-fraud, or to steal confidential information, for example.
The full report, entitled, 2007 Malware Report: The Economic Impact of Viruses, Spyware, Adware, Botnets, and Other Malicious Code analyzes the cost of malware at the worldwide, organization, and event level.
An extended description of the report is available, as well as a more complete excerpt, on the Computer Economics website.
No comments:
Post a Comment