Code Red, Sircam, Anna Kournikova, Nimda—over the past 6 months, computer networks have been hit with more viruses than jungle explorers drinking stagnant water have. Forty percent of the 167 security personnel in the government organizations and midsized and large businesses that network security software—development company Rapid7 surveyed said that viruses have corrupted data or files in their organizations.
Computer Economics estimates that computer viruses cost American businesses $17 billion last year, up from $12 billion in 1999. For example, the firm believes that Code Red, which might have infected as many as 975,000 servers, caused companies to spend about $1 billion to clean infected systems, inspect more than 8 million servers to determine the need for patches, and if necessary, patch, test, certify, and return those systems to normal service. The price tag for the loss of productivity of system users, support staff, Help desk staff, and other staff responsible for assisting internal end users, IT staff, and customers worldwide added another $1.4 billion. Graph 1 shows the estimated cost of several viruses and the estimated cost of all viruses in 1999 and 2000. Despite the eye-popping numbers in Graph 1, 60 percent of the respondents in the Rapid7 survey admitted that their companies don't take all reasonable precautionary measures to secure their systems.