Virus infections accounted for roughly half of the worst security incidents for U.K. companies in the past two years, according to a new survey.
Two-fifths of these were described as having a serious impact on the affected business, the 2006 Department of Trade and Industry's biennial Information Security Breaches Survey found.
The survey, conducted by a group led by PricewaterhouseCoopers, showed that virus infections were more likely to have caused service interruption than other incidents. Usually the disruption was minor, but roughly a quarter of companies that reported a virus as their worst incident of major disruption said important services such as email were down for more than a day.
The majority of U.K. businesses surveyed have broadband (88 percent) and as a result, the threat from malicious software has never been greater. Despite the increased threat, fewer companies had viruses than in the last two surveys. Infection rates have dropped by roughly a third in two years.
While the number of infected companies has fallen since 2004, the average number of infections suffered has risen to roughly one a day. Several businesses reported hundreds of infections a day.
The telephone survey of 1,000 companies also found that a quarter of U.K. businesses do not protect themselves against spyware. As a result, roughly one in seven of the worst incidents involving malicious software was related to spyware that can download onto a computer when the user visits an unscrupulous website.
Two years ago, a small number of viruses dominated, such as Netsky and Bagle/Beagle. In contrast, over the last year, no single virus has caused widespread damage. Now the nature of viruses - and the motivation of their writers - has changed from attention-seeking to criminal enterprise.
The research also found that patching discipline has improved, with nearly nine in ten U.K. businesses (88 percent) applying new operating system security updates within a week of their release, compared to 79 percent of businesses in 2004. Companies that installed critical patches within a day suffered fewer virus infections than those that waited a week.
Companies without anti-virus software did not report many infections. One explanation is that companies that suffer virus infection tend to install anti-virus software afterwards. More worrying is the possibility that the changing nature of viruses may mean that some do not realize a virus has infected their systems.
Worryingly, one-fifth of the companies questioned in the survey said that they do not update signature files (used to protect against viruses) within a day. Virus infections tended to take more effort to resolve than other incidents, sometimes taking over 50 days' work to fix.
Chris Potter, the partner from PricewaterhouseCoopers LLP leading the survey, said it was very encouraging to see the progress that U.K. companies have made in installing anti-virus software and patching their systems.
"However, there's a danger of fighting yesterday's battle. Past viruses were designed to cause large amounts of indiscriminate damage, typically by taking down targets' networks. Today's viruses have become more insidious. These programs lie hidden on infected machines, gather information and target their strikes at valuable data. Cyber-criminals now use virus infections to get in under the radar of businesses and steal confidential data," he said.
Potter added that the damage that viruses can cause extends beyond systems and ultimately can affect a company's customers, business relationships and reputation in the marketplace.
"The threat has never been greater, so this is no time for complacency. Tomorrow's battle has only just begun. In that battle, a multi-layer defence of patching, up-to-date anti-virus software and intrusion detection software offers the best protection," he said.
The full results of the survey will be launched at Infosecurity Europe, in London, April 25 to 27.