It was August 5th, 2012, when a massive cyber-attack crippled operations of one of the world’s leading petroleum and natural gas company, Saudi Aramco. A Virus named ‘Shamoon’ wiped out data from 35,000 computers bringing most of their operations to a halt. What led to this catastrophic attack was the opening of one wrong email by one of the technicians that’s it! And the company suffered losses of such high magnitude that took them really long to recover. This is just one example of how a single infected computer can cost millions of dollars to your business.
A simple virus attack can wipe out data from the computer, shut it down or send the confidential data outside the organization. It can harm the company in more than one ways. Computer viruses, in the form of the worms, are designed to jump to every machine connected to the infected computer and corrupt an entire network. A virus that hides inside a file infects every computer that opens the file and can be transferred via emails, FTP, P2P software and Instant Messaging software. Due to their capability of self-propagation, viruses can spread wide and fast across the organization if not stopped or corrected on time and every virus attack comes with huge direct and indirect cost.
Cost of Virus infection
Ponemon Institute conducted a study and came up with following costs related to the virus attacks. “Virus,” “worms,” and “Trojan” attacks average $2,054 in direct costs and take 2.5 days to resolve. “Malware” attacks average $1,090 and take 2.2 days to fix. “Botnet” attacks average $1,627 in direct costs and take 1.9 days to resolve. These costs are average for just a virus attack on a mid-sized organization. They don’t include the cost of other forms of cyber attacks.
For reference, here are some figures for the overall damages to the economy caused by some well-known virus.
- MyDoom: It spread through emails and caused over $38 billion in damages.
- SoBig: This virus propagated by itself using emails and caused over $37 billion in damages.
- ILOVEYOU: This virus for the pioneer as it attached itself to the emails and self-propagate. It caused damages of $5 billion over one week alone.
There are numerous other examples that depict the severity of damage caused by viruses. However, this is only half the picture. The damage is not just financial, it also includes:
- Loss of confidential data
- Loss of employee productivity
- Loss of reputation leading to a drop in revenue
- Losses due to potential litigation and damages
Thus, it is obvious that it’s hard to calculate the actual cost of a virus attack as it takes years to recover from its devastating effects.
Sources of Virus
Organizations fail to realize that there are numerous sources of virus and simply isolating the network from the internet is not enough. That is just one point through which virus can transmit. Some of the well known advanced sources of virus infection today are:
- Unsecured Public Wi-Fi
- Shared USB drives
- Mobile devices connected via Bluetooth
- Emails attachments (MS office documents, images etc)
- Instant Messengers
- P2P sharing software
- Malicious or infected websites
Many times a computer such as a laptop is taken out of the secure network by an employee. The employee then connects to the internet using an unsecured connection. The laptop now gets infected with a virus and the employee gets it back and connects to the organization’s network. The Virus now has a chance to spread to all the computers attached to the organization’s network. This is true for external devices such as USB drives, CDs, DVDs (typically pirated copies) and other pirated software that is installed or copied onto the computer. Thus employees inadvertently end up infecting the whole organization and puts it at risk. This careless and rogue behavior makes employees a risk to the company security.
Protecting your organization against cyber attacks and avoiding them from spreading
Protecting the organization’s assets against a cyber attack, including viruses requires a coordinated effort and dedicated resources. With a bit of planning and right tools, an organization can avoid immense losses that may occur due to cyber attacks. Choose a simple yet powerful platform to manage your enterprise’s security and enforce control over data with features such as:
- Advanced Device Control: Enforce policies regarding use of storage devices, mobile and portable devices, wireless devices, network interfaces.
- Data Loss Prevention: Prevents data loss by monitoring conﬁdential and user deﬁned data shared by removable drives, network or various applications.
- Asset Management: Total visibility of changes happening on hardware and software running on endpoints.
- Application Control: Enforce control over use of unauthorized applications within the network.
- Anti Ransomware: Protection from ransomware attacks and automatic back-up of ﬁles.
Seqrite offers security solutions like Seqrite Endpoint security (EPS) which provides a simple and comprehensive platform to take care of all your security needs. It integrates innovative technologies like Anti ransomware, Advanced DNA scan, and Behavioral detection system to protect your enterprise from advanced cyber threats. Its easy scalability and effortless management and administration, reduces strain on company’s resources thereby making it a luring option for enterprises.