Viruses – Are We Winning the War?

The 11th Annual CSI/FBI Computer Crime Survey was recently released. Again this year, the number of reported incidents involving virusi topped the list, but the frequency of those incidents have dropped over 30-percent since 2001. The next major sources of threats are laptop thefts followed by abuses of network accesses.

More evidence of IT as a utility: I believe this trend is better explained less by end user education and more on the inherent ability of technology to catch and prevent virus attacks on microcomputers. What this report doesn’t measure is the impact of spam and phishing which are, according to the statistics I’ve read, rising rapidly in terms of volume and complexity. Therefore, these numbers don’t reflect the TCO expense shifting from managing the virus problem (now more of an automation, patching, and filtering problem) to the spam problem; spam being a carrier of adware, spyware, and virusi itself.

However, my assumptions aren’t supported by a recent article in the Washington Post that evidence a $7.8 billion consumer price tag on virus and phishing repairs. In fact, the article goes on to say…

The Consumer Reports survey of 2,000 households found that 20 percent of
respondents didn’t have antivirus software and that 35 percent didn’t use
spyware-blocking software. As the Internet gains more users, it’s important to
educate them on the security risks, Cole said.

So the gains we’ve seen over the last five years are probably the most significant inroad we’ll see until malware protection built in to our applications and operating systems. Although Microsoft has announced that it will not bundle an anti-virus solution with Vista in January 2007, Microsoft is undoubtedly entering the anti-virus marketplace with its Antigen server products. Further, IE 7.0 – due to be patched to XP boxes through Windows Update – includes built-in spam/malware protection. Native tools will diminish the vulnerability of end-users.

Although Microsoft has recently infuriated its anti-virus partners by making inroads into their market – just like when they introduced a personal firewall in XP SP2 – we really have to look at the IT as a utility trend: does the consumer really want to download and use separate products? Can we further erode those numbers listed in the CSI/FBI Survey if up to 30-percent of households aren’t installing required software? Can better anti-virus security be achieved by educating end-users on what tools to use and how to use them? I don’t think so.

What Microsoft is doing by bundling anti-virus enhances the IT as a Utility idea and it reflects what small business consumers need: an integrated solution that mitigates risk and reduces complexity. Despite the monopoly complaints, only when we find the anti-virus product embedded in the operating system and remove anti-virus as a user-initiated defense strategy will we be able to bring this threat under better control so we can truly win the war.

R

Russell Mickler works a technology consultant in Battle Ground, WA, USA. With over thirteen years of experience, Mickler holds a CISSP, MCSE, a Masters Degree in Information Technology, and is pursuing his Doctorate at Walden University. His website can be found at www.micklerandassociates.com; he can be contacted at mickler@micklerandassociates.com.

Name (required)

Mail (will not be published) (required)

Website