Viruses biggest security headache for firms

A survey for the Department of Trade and Industry revealed that infection by viruses accounted for roughly half of security incidents affecting firms, almost half of which had "a serious impact on the business".

The latest biennial 'Information Security Breaches Survey' carried by a consortium led by PricewaterhouseCoopers, also showed that virus infections were more likely to have caused service interruption than any other type of incident.

Often the disruption was described as "minor", but around a quarter of companies questioned said they had experienced "major disruption" as a result of a virus, with important services such as email down for more than one day.

The majority of UK businesses surveyed had a broadband link to the Internet (88%) and as a result, the threat from malicious software such as viruses has never been greater, according to PriceWaterhouseCoopers.

Spyware complacency

On a positive note, almost all UK businesses now used anti-virus software and despite the increased threat, fewer companies had viruses than in the last two surveys, with infection rates dropping by around a third since two years ago.

However, while the number of companies infected had fallen since 2004, the average number of viruses suffered by those affected had risen to roughly one a day, with some reporting hundreds of daily infections.

Worryingly, a quarter of UK firms were not protecting themselves against the threat caused by spyware. As a result roughly one in seven of the worst incidents involving malicious software related to spyware.

PriceWaterhouseCoopers added that the nature of computer viruses and the motivation of their writers had changed over the last two years. Some malicious viruses, known as 'bots', allowed attackers to take over machines turning them into 'botnets" used for cyber crime. Cleaning up the problem could take weeks of effort, said the consultants.

So called "patching discipline" had improved, with nearly nine in ten UK businesses (88%) applying new operating system security updates within a week of their release, compared to 79% of businesses in 2004. However, one-fifth of the companies questioned in the survey said that they do not update signature files - used to protect against viruses - within a day of their release.

'Insidious' threat

The survey also showed that virus infections tended to take more effort to resolve than other incidents, sometimes taking over 50 days' work to fix.

Chris Potter, from PricewaterhouseCoopers, said: "It's very encouraging to see the progress that UK companies have made in installing anti-virus software and patching their systems. However, there's a danger of fighting yesterday's battle.

"Past viruses were designed to cause large amounts of indiscriminate damage typically by taking down targets' networks. Today's viruses have become more insidious."

He added: "These programmes lie hidden on infected machines, gather information and target their strikes at valuable data. Cybercriminals now use virus infections to get in under the radar of businesses and steal confidential data.

"The damage that viruses can cause extends beyond systems and ultimately can affect a company's customers, business relationships and reputation in the marketplace."

Mr Potter recommended a "multi-layer defence" including patching, up to date anti-virus software and intrusion detection software.