European businesses are losing billions of pounds each year as a result of Internet viruses, but many are still failing to take basic measures to ward off attacks, such as keeping anti-virus software up to date, according to a survey published this week.
UK and French companies were particularly bad at keeping their anti-virus software up to date, the survey found, with only 39 percent in the UK and 40 percent in France saying they had updated in the last week. The next lowest was Italy, with 46 percent, while 73 percent of Spanish firms said they were up to date.
In Germany, on the other hand, a worrying one in ten of firms said they operated with no anti-virus protection at all. In Britain and Spain, only one percent said they were not protected. Spain, unique in Europe, has laws requiring businesses to have security systems and keep them up to date.
McAfee Security commissioned the survey of 500 small to medium-sized businesses in the UK, Italy, Spain, France, Netherlands, and Germany from Taylor Nelson Sofres. While only smaller firms were directly represented in the study, poor security by companies and consumers affects any Internet-connected business, because worms use infected computers to generate more infected junk e-mail messages and attacks, security experts say.
UK anti-virus company Sophos PLC estimates that one third of all spam is now relayed by consumers and businesses unaware that their PCs are infected with remote-access Trojans (RATs). But surveyed businesses were largely unaware of such dangers: 20 percent did not know viruses could send e-mail messages to recipients listed in their PC's address book, and 48 percent didn't know viruses could secretly store pornographic content on their computer.
"Any unprotected user, whether corporate, small business or end-user, becomes part of the problem," said McAfee European product manager Jack Clark. "We need to encourage people to use what virus protection they have."
Two-thirds of French respondents, and more than half in Germany admitted they could have unknowingly forwarded an infected e-mail to colleagues and other businesses.
Firms aren't neglecting to protect themselves out of a false sense of security: more than a third said they felt more at risk from viruses than a year ago. And companies are well aware of the consequences of virus outbreaks, which can be particularly hard-hitting for smaller companies: firms said on average each attack cost them €5,000 (£3,300) in lost business time, or £2,500 (£1,650) in the UK. In France, half of businesses had to shut up shop for the duration of a virus attack, the largest percentage in Europe.
Companies reported other ill effects as well, including what McAfee calls "cyber-rage". One in four Spanish respondents admitted to shouting at their colleagues as a result of receiving large amounts of spam, while 15 percent of Germans swore at their computer screen. The difficulties of modern computing induced "feelings of disgust" in 15 percent of the Dutch, the survey revealed.
In Spain and the Netherlands, more than half of companies said they had been affected by a virus in the past 12 months, compared with 21 percent in Germany.
Concern hasn't necessarily translated into action, however, with 45 percent of UK companies and 54 percent in the Netherlands listing security as a "low" priority.
In the long term, Clark agreed that Internet messaging systems such as e-mail will need to be redesigned with authentication, a sort of Caller ID for the Internet, as Bill Gates put it earlier this week, but such solutions won't arrive any time soon. "I doubt a new messaging system will come around in this decade," Clark said.
Recent viruses outbreaks include a long list of variants of the MyDoom, Netsky and Bagle worms.