|
Virginia based Cybertrust released results on Wednesday of a study of 700 enterprises and the impact of the Zotob worm to organizations worldwide. The damage caused by the Zotob worm affected Windows 2000 systems back in August and created real problems for the impacted systems.
Editor's Note: Worms and viruses can have a devastating impact on businesses as this article reports. Many businesses got hit much harder than they talk about hear. Did Zotob worm its way into your harddrive? Talk about it at the Security Forum in WebProWorld.
"Cybertrust's study on the Zotob worm demonstrated that, compared to earlier worm outbreaks such as SQL Slammer or Sasser, Zotob adversely impacted significantly fewer organizations," said Russ Cooper, Cybertrust senior information security analyst and author of the Zotob study.
 "The nature of this worm and its ultimate business impact complements Cybertrust's intelligence that illustrates the goal of hackers today is no longer widespread system shutdown, but rather more frequent, smaller attacks with specific targets powered by a drive for financial and information gain."
The study said 13% of organizations surveyed experienced at lease some adverse impact from Zotob. They defined impact as spending time, resources or money fighting or recovering from the worm. About 6% had moderate or major impact, which they defined as more than $10,000 in losses and at least one business critical system affected (e.g. email, commerce, Internet connectivity).
The significance comes from comparisons to previous worms. For example, the Nimda worm had a moderate to major impact of more than 60% of organizations and Blaster was 30% based on the same impact criteria.
Cybertrust said organizations reported an average cost of $97,000 while clean up required more than 80 hours of work for 61% of impacted organizations. They said the healthcare industry had biggest hit at 26% of companies experiencing at least some adverse impact with only 7% of financial institutions being impacted.
One interesting point Cybertrust mentioned was how Zotob infected systems. They said the worm entered the majority of organizations "through wired networks from within the corporate perimeter" instead of normal routes like email or wireless pathways.
They said infections that began locally, occurred at least three times more frequently than from any other location such as public networks, VPNs or home networks. They said 26% of victims were impacted because no firewall was in place or firewalls weren't set properly. They also pointed out that only 7% of impacted organizations received the worm via email. It shows an incredible reliance on traditional anti-virus programs scanning incoming email and that while traditional anti-virus programs are necessary; companies definitely need more protection from these attacks.
This study shows a couple of major points. First and most importantly, most places need to reexamine the protections they have in place. Make sure the firewalls and antivirus software are up to date and working correctly. It also shows other measures could very well be necessary to protect systems. There are many possibilities for improving security in both hardware and software forms.
About
the Author:
John Stith is a technology writer with SecurityProNews. |
|
,
Inc. 2549 Richmond Rd. Lexington KY, 40509
