Steve Quayle News Alerts

January 28, 2004
By Andrew Stein, CNN/Money staff writer

NEW YORK (CNN/Money) - The latest e-mail virus to clog in-boxes is expected to cost companies up to $250 million in lost productivity and technical support expenses, a security expert said Wednesday.

The MyDoom worm that is spreading across the Internet is more costly than the recent So Big or MS Blast viruses that were launched last summer because it leaves behind a "Trojan horse," said John Pescatore, vice president of Internet security for Gartner Inc.

A Trojan horse is a program sent to a computer through an e-mail and can remain behind after the e-mail is deleted to copy or damage files.

"The spreading of the worm has slowed down slightly, but the real cost is going back and cleaning computers," said Pescatore, who estimated that the SoBig virus cost companies about $50 million for lost productivity and technical support expenses.

"MyDoom will be about four or five times that because of the extra time and resources it takes to go back and secure the computers," Pescatore added.

The largest cost will come from medium-to-small sized companies with 400 employees or less, said Andy Cummins, CEO of technology services firm U.S. Networks.

"We think MyDoom will cost these companies $48,000 to $58,000 (each) to secure themselves from MyDoom," he said, adding that his systems will see an estimated 1,000 occurrences of the worm in the next 14 days.

While the virus has been clogging up in-boxes, it's also on course to attack the Web site of software firm SCO Group with a deluge of e-mails Feb. 1. It seems the virus is targeted toward SCO for its royalty fight with IBM over Linux code.

But MyDoom's main threat remains the Trojan horse.

"The denial of service attack on SCO could be seen as a diversion, but it's more like a[n ID] tag from the creator," said Pescatore. "After the attack on SCO, the Trojan horses will remain behind and can still inflict damage."

Bounty hunters

Joining the ranks of software bounty hunters, SCO Group announced Tuesday that it is offering a $250,000 reward for info leading to the arrest and conviction of the virus writer.

In November, Microsoft (MSFT: Research, Estimates), the world's largest software firm, said it is creating an anti-virus reward program, backed by $5 million of its cash, to help law enforcement agencies catch the authors of computer worms.

As part of the program, the company announced two $250,000 rewards for information leading to the arrest of the writers of two previous computer worms -- the Blaster worm and SoBig.F e-mail virus -- that crippled many PCs running on the Microsoft Windows operating system in the summer.

A Microsoft spokesman said Wednesday it is looking at offering a reward for information leading to the arrest of the creator of the MyDoom worm. He added the company has not paid out its $250,000 rewards for the SoBig or MSBlast viruses.

Despite the continuing proliferation of e-mail viruses, Microsoft co-founder and chief technology officer Bill Gates predicted last week the eventual demise of unsolicited commercial e-mail at the World Economic Forum in Davos, Switzerland.

"We as a company believe that by a couple of years from now spam will be down to a very manageable trickle ... it will be almost an afterthought," Microsoft spokesman Sean Sundwall said.

http://money.cnn.com/2004/01/28/technology/mydoom_costs/index.htm