In 2001 companies were hit with a monthly average of 113 virus infections for every 1,000 computers they owned, according to the seventh annual survey of virus prevalence in the enterprise conducted by Icsa Labs, part of antivirus firm TruSecure.
Virus problem to continue to grow says survey
"Every year it seems like the percentage of coverage [of antivirus tools] gets better, and every year it seems like the virus problem gets worse," said Larry Bridwell, content security programs manager at Icsa Labs.
The survey took place over the course of 20 months from January 2000 to August 2001 and surveyed 300 companies, each of which had at least 500 PCs, two local area networks and two remote workers. The survey focused primarily on machines running on Intel chips with Microsoft operating systems — generally the worst-affected systems.
Over the course of the survey 666,327 desktop PCs and workstations were infected with viruses, along with 26,492 file or print servers, Bridwell said.
Those figures translate to 113 infections per 1,000 PCs per month, he said.
The majority of viruses spread through email, Bridwell said, noting that mass-mailers accounted for around 80 percent of the viruses identified in the survey.
The study found the most common effect of virus infection, reported by 70 percent of respondents, was to render a PC unavailable to its user. Reduced productivity caused by viral attack was stated by 69 percent of respondents, while 37 percent experienced loss of data.
And the picture looks unlikely to brighten much in the future, he said.
"The virus problem continues to worsen," Bridwell said, adding that the likelihood of disasters will also increase as more worms that spread through multiple methods, like Code Red and Nimda, are released.
Bridwell did identify a number of steps that companies can take to avoid these pitfalls. Network perimeter protection, desktop antivirus and good policy development and enforcement are all key, he said.
"Perimeter protection can arguably be one of the most important assets in the corporate security strategy," he said, although, "perimeter protection is not a replacement for desktop and server protection."
Perimeter protection involves scanning for viruses as they enter the corporate network from the public internet.
"The value of desktop protection can't be overemphasised," he said.
Bridwell also urged companies to filter attachments, especially those with files types that are frequently used in viruses, such as EXE, VBS and PIF, and to subscribe to a security alert service to receive early warnings of possible trouble.