Research study shows impact of cyber crime on SMEs

Date: 23 April 2004	(ICT World)
Category: Opinions	Sacha Alton, Network Associates channel manager

McAfee Security's recent 'Counting the Cost of Cyber Crime' study reveals the true impact of cyber crime on Europe's economy and growth - and the local situation is similar.

It shows that every virus attack costs small and medium enterprises (SMEs) in Europe as much as ¬5 000 - and more than one in five firms across Europe (22%) have had to close their doors for several hours to clean up a virus infection.

Hundreds of SMEs with fewer than 20 employees were interviewed in six European countries (the UK, France, Germany, the Netherlands, Spain and Italy) for the Counting the Cost of Cyber Crime research, which is the first study to examine the attitudes to online security and the impact of viruses, hacking and spam among Europe's small businesses.

The research shows that, in Europe, over a third of all small businesses feel more at risk and vulnerable to viruses than a year ago.

This is borne out by the figures, which show that a large percentage of SMEs (Italy 43%, Spain 51%, UK 40%, The Netherlands 55%, Germany 21% and France 44%) have been affected by viruses.

While an average of one in five businesses have had to close their doors to deal with a virus outbreak. In France the number was as high as one in two.

However, concerns over online security do not always translate into direct action, and many small businesses continue to operate with inadequate online security protection.

While 73% of small businesses in Spain had updated their anti-virus software in the last seven days, 11% of German small businesses operate with no anti-virus software at all.

As in Europe, local SMEs, which play a central role in economic growth and prosperity, lack the skills and resources to manage their anti-virus software.

SMEs generally cannot justify employing an ICT resource to handle updates, manage the correct versions of software and ensure that they reside on all the nodes on the network.

Because they are becoming more aware of viruses, the threats that they pose, and the necessity for anti-virus software, SMEs panic when a virus outbreak occurs.

They understand that timing is everything. SQL Slammer propagated itself worldwide within approximately three minutes - SMEs need to understand that it is imperative for the latest virus updates to reside on all PCs on a network.

Since spam is often used as a "carrier" for viruses, the research also asked SMEs about their attitude to this irritation. Although the first unsolicited e-mail (spam) was sent in April 1994, and researchers expect that by 2006 there will be over 206bn junk e-mails (Source: Jupiter Media Matrix) sent around the world, no-one could foresee one effect of spam: an unhappy workplace.

The McAfee Security research revealed that although there was concern about viruses, the effect of the tidal wave of spam is leading to office rows and "spam rage" as daily symptoms of junk e-mail. Junk e-mail sparks regular office rows in 17% of the European workplaces.

This figure rises to 24% in Spain and 27% in France. Another symptom of spam rage is people swearing at their computer screens - particularly in Germany.

In the Netherlands, spam causes disgust, while the Italians are more laid back, viewing it as a source of mild amusement.
Local companies need to understand that anti-virus software alone is not enough.

Local SMEs should start looking for products and solutions that offer a single console with management capabilities, or should outsource their ICT security to a specialist.

A single management console is a tool that ensures that policies are adhered to, and that the latest updates and patches are installed on the network. Alternatively, a specialist allows the SME to focus on its core business.