Viruses Down, Software Vulnerabilities Up

press release

press release & faq

London, UK - 17th January 2002, 1630 GMT - New trends are emerging with software vulnerabilities becoming the key issue over viruses in 2002. The latest figures compiled by the mi2g Intelligence Unit show a decrease of 41% in new virus species from 413 in 2000 to 245 in 2001. However, according to CERT, global software vulnerabilities have increased by 124% from 1,090 in 2000 to 2,437 in 2001.

As new software vulnerabilities are exploited by virus writers, disgruntled employees and hacktivists, corporations are having to patch up their systems continuously. Carlsbad-based Computer Economics has estimated the worldwide economic impact of malicious code attacks at US$ 13.2 Billion in 2001. The most significant attacks from internet worms exploiting vulnerabilities were Code Red ($2.62 Billion), SirCam ($1.15 Billion) and Nimda ($635 Million). In each case, Microsoft product vulnerabilities were exploited.


Where mi2g could trace and compare the origin of the virus species, Europe led the world in the development of those viruses at 57%, of which 21% originated from Eastern Europe including Russia. North America accounted for 17%, followed by the Far East at 13%.

There are a number of prolific serial virus writers: “Zombie,” “Benny,” “Black Baron,” “David L Smith” and “Chen Ing-Hau”. Most virus writers tend to be fairly young (late teens, early 20s), often male, and get no commercial benefit. Steve Trilling, at Symantec, said “With more and more critical business and government functions conducted online, we could see more ‘professional’ types of attackers.”

Other Trends for 2002

Digital risk is increasingly coming from automated and self-propagating worm attacks. According to separate research by Kaspersky Lab of Russia, 60% of attacks were from worms exploiting vulnerabilities in 2001 whereas this figure was only 30% in 2000 and 11% in 1999. In an opposite trend, the number of macro virus incidents has been steadily decreasing – from 79% in 1999 to 52% in 2000 and 30% in 2001.

Why are so many vulnerabilities coming to light? “Software vendors have been keen to profit from new products without paying adequate attention to the long term quality issues such as trusted computing and the security perspective,” said DK Matai, Chairman and CEO of mi2g. “As evidenced by the recent sea change in Microsoft’s priorities, the focus on product development from day one has to be on security as it cannot be bolted on.”


Notes to Editors

More statistics can be obtained from www.mi2g.com/status/viruses

About mi2g:

mi2g Digital Solutions Engineering pays particular regard to security. mi2g advises on the management of eRisk and incorporates Bespoke Security Architecture in its SMART sourcing solutions. mi2g builds highly secure intranets and extranets, digital communities and data warehouses that are specifically constructed for data mining, customer relationship management and enhancing the network effect.

For further information - www.mi2g.com

What is Bespoke Security Architecture?

Bespoke Security Architecture brings together firewall layers, intrusion detection and other defensive structures, as well as automated intelligence techniques with legal, human resource and company policies.

What is eRisk Management?

eRisk Management deals with a variety of issues associated with implementing digital solutions and integrating Service Level Management. It includes selecting the optimum technology set, managing external partners and alliances, linking payments to targets, defining rigorous quality control procedures, managing the growth in online traffic post launch, achieving the expected return on investment, and bringing about the changes in the corporate culture required for successful eBusiness.

What is SMART Sourcing?

mi2g SMART Sourcing is the careful selection of cost effective and trustworthy suppliers from around the world for building and maintaining highly secure digital platforms on a 24 by 7 basis.

For additional information please contact - Intelligence Unit, mi2g

Telephone: +44 (0) 20 7924 3010 - Facsimile: +44 (0) 20 7924 3310 - eMail: Intelligence Unit

Renowned worldwide for the ATCA Briefings. Subscribe now.
Home - Profile - Values - People - Careers - Partners - Contact Us
D2 Banking - Bespoke Security Architecture - Digital Risk Management - Tools

Intelligence Briefings - Brochures - Case Studies -
SIPS Methodology FAQ (pdf)
Keynote Speeches - Articles - News Feeds - Glossary (pdf)
Terms and Conditions - Privacy Policy