Interesting take on "hysterical" virus cost estimates - Tilted Forum Project Discussion Community

Mephisto2 · 08-10-2004, 05:40 PM

I found this article interesting.

Maybe you will too...

Quote:

MyDoom damage estimate termed absurd
By Sam Varghese
February 6, 2004

Vmyths, a site which describes itself as being dedicated to the eradication of computer virus hysteria, has questioned an estimate of the damage caused by the MyDoom worm, dismissing it as absurd. The estimate of $US38.5 billion was put out by the London-based firm mi2g.

Vmyths regularly puts out what it calls a Hysteria Alert. In the latest alert, editor Rob Rosenberger said: "In our previous Hysteria Alert, we predicted "someone will soon declare a 'guesstimate' damage value for the MyDoom virus/worm, strictly for its PR value."

Rosenberger said this figure was 1.6 percent of the US federal budget proposed for the next fiscal year or 40 percent of the damage caused to New York City by the attacks on September 11, 2001. It was also more than double the cost of Hurricane Andrew in 1992.

"We asked it before and we'll ask it again - why do British fearmongers so often give guesstimates in US dollars?" he asked.

Asked how the firm had estimated the damage, a mi2g spokesperson said: "The EVEDA algorithm is a component of SIPS and estimates economic damage on the basis of help desk support, overtime payments, contingency outsourcing, loss of business, bandwidth clogging, productivity erosion, management time reallocation, cost of recovery and software upgrades."

SIPS stands for Security Intelligence Products and Systems. EVEDA stands for Economic Valuation Engine for Damage Analysis and is a component of SIPS, according to mi2g.

The spokesperson said economic damage for malware and spam was calculated on the basis of sampled damage data on the basis of these variables combined with estimates of the number of machines infected. "We prefer to limit our model for such damage to these factors even though actual losses could be higher due to brand damage and other factors. Of course, most virus carrying emails are stopped by filters, but EVEDA also takes into account the cost of bandwidth involved for individual users.

"Anecdotal evidence helps us to confirm the scale of the estimate - at the height of the MyDoom attack, one large London firm we know had to close down their offices for a couple of days as they were being continually swamped by virus carrying emails, undeliverable notifications and virus alert messages."

Last month Vmyths questioned an estimate made by anti-virus software maker TrendMicro. A Reuters report quoted Trend Micro employee Lionel Phang, who works in the firm's Singapore office, as saying, "computer virus attacks cost global businesses an estimated $55 billion in damages in 2003."

Rosenberger said two spokesmen at Trend Micro had called Vmyths about this; "spokesman Michael Sweeny flatly dismissed the guesstimate as 'wrong.' Spokesman David Perry insists Trend Micro cannot gauge a damage value - because they simply don't collect the required data," Rosenberger said.

TrendMicro did not respond to a request for comment.

This story was found at: http://theage.com.au/articles/2004/0...854035648.html

Now, having said that, I know that working for a global IT company, we spend a lot of time (and therefore money) fighting viruses. I wonder who is correct?

Mr Mephisto

Reese · 08-11-2004, 12:13 AM

I'd say these estimates could be correct.

9/11 damaged was concentracted in a very small area so it looks much more expensive by comparison.

I'd say that the damages of Spam for the last year is higher than mydoom virus, it doesn't look bad because the problem is less severe but has been around longer and has effected many more people.

Pragma · 08-11-2004, 05:37 PM

Honestly, I agree with VMyths a great deal. Of course, it helps that I've long since grown sick and tired of mi2g's FUD - but there's no way that virus outbreaks cause that much in the way of problems.

In our organization - several tens of thousands of computers - we've got a tiered layers of ePolicy Orchestrator servers and SUS servers, so as soon as updates come out. We've had a few virus outbreaks, but they've been very limited (<10 computers hit) and very quickly contained.

The overall cost from each specific virus outbreak is minimal for us. How much does it cost for a sysadmin to open a management console and click through "download and apply latest DAT file"?

Quote:

"Anecdotal evidence helps us to confirm the scale of the estimate - at the height of the MyDoom attack, one large London firm we know had to close down their offices for a couple of days as they were being continually swamped by virus carrying emails, undeliverable notifications and virus alert messages."

Does it really take that much bandwidth to set up a mail server filter to drop mails with certain attributes? I doubt it happened exactly like that, or else their SA's were being highly paranoid. Granted, our organization has a SONET line, but we've never come close to having a measurable percentage of bandwidth consumed by viruses/worms/etc..

08-11-2004, 12:13 AM	#2 (permalink)
Reese Delicious	I'd say these estimates could be correct. 9/11 damaged was concentracted in a very small area so it looks much more expensive by comparison. I'd say that the damages of Spam for the last year is higher than mydoom virus, it doesn't look bad because the problem is less severe but has been around longer and has effected many more people. __________________ “It is better to be rich and healthy than poor and sick” - Dave Barry Last edited by Reese; 08-11-2004 at 12:19 AM..