Saturday September 1 3:05 PM ET

Computer Virus Costs Reach $10.7 Billion This Year

By Elinor Mills Abreu

SAN FRANCISCO (Reuters) - The worldwide cost of the Code Red computer worms that were unleashed on the Internet in July and August has reached about $2.6 billion, an independent research firm said.

While hefty, that was just a part of the total cost of attacks on computer systems this year.

The cost of virus attacks on information systems around the world reached an estimated $10.7 billion so far this year, according to Computer Economics of Carlsbad, California. That compares with $17.1 billion for all of 2000 and $12.1 billion in 1999, Computer Economics said on Friday.

``If there are no new bugs, then we will land under that, around $15 billion,'' said Michael Erbschloe, vice president of research at Computer Economics. But ``one more big outbreak that becomes a billion dollar bug'' would put the total over last year's.

Love Bug, whose 50 variants have hit more than 40 million computers since it emerged in May 2000, was the most expensive virus so far at $8.7 billion, Erbschloe said.

The Melissa virus, at $1.2 billion, and the Explorer virus, at $1 billion, were the costly viruses of 1999, he said.

This year, in addition to Code Red, the other big virus has been SirCam, which has infected more than 2.3 million computers and cost $1.035 billion, according to the research.

The costs from SirCam included an estimated $460 million spent on cleaning infected systems and $575 million for lost productivity.

Code Red, which infected more than 1 million computers, resulted in an estimated $1.1 billion in clean-up costs and $1.5 billion in lost productivity, so far, according to Computer Economics.

Clean-up costs include patching systems and returning them to normal operation and inspecting servers to see if they need patching. Lost productivity includes time spent by system users and support and helpdesk staff on virus issues that takes them away from their regular responsibilities.

The quick spread of Code Red in July, infecting more than 250,000 systems in just nine hours, prompted fears by government officials and security experts that it would slow down the Internet when it re-emerged Aug. 1.

The worm was originally designed to die out late in the month, but began spreading again in August as a result of infected computers with incorrect time or date settings.

Code Red II, which arrived Aug. 4, spread faster and installed a ``back door'' on infected computers that left the machine vulnerable to future hacking,

There was relatively minor network impact overall from the worms, mostly because people patched their systems.

http://dailynews.yahoo.com/h/nm/20010901/tc/tech_virus_dc_2.html

-- Martin Thompson (mthom1927@aol.com), September 01, 2001