October 12, 2011, 2:39 PM — A study released yesterday by Microsoft doesn't quite tell customers suffering from malware infections that they get what they deserve and should just leave it alone, but it comes darn close.
Zero-day vulnerabilities, viruses, poisoned web sites, Trojan horses, malware and other forms of cyberattack cost companies 56 percent more to deal with during 2011 than during 2010, an average of $5.9 million, according to an August study from Ponemon Institute.
All but a tiny fraction of that cost goes to preventing or recovering from malware infections, the Ponemon study revealed.
The Microsoft study focuses on malware propagation – how infections move within a population and what causes individual victims to become infected.
Medical epidemiologists do the same thing with human diseases, though talking to an epidemiologist about it in real life is a lot less exciting than the way Hollywood represents them in movies about infections that turn people into zombies, just for one ripped-from-the-headlines example. There are also plenty of non-zombie epidemiology movies, but it's harder to get excited about a disease that doesn't try to eat you after killing all your family and friends.
(I don't know what got me thinking about melodramatic fictional portrayals of apocalyptic panic and disaster, let alone the kind of movie that habitually punishes sexually active teenagers and other examples of the deterioration of society with a horrible fate at the hands of an unspeakable evil. Let's go back to talking about Microsoft.)
Zero-day exploits – flaws in Windows or other software that have just been discovered or for which a patch is not yet available – account for only about one percent of all malware attacks.