2007 Malware Report: The Economic Impact of Viruses, Spyware, Adware, Botnets, and Other Malicious Code

June, 2007


Malware continues to be a major security threat, but obtaining a quantitative risk assessment is a difficult exercise. This special report, based on our survey of IT security professionals and managers, reports on the overall change in the malware threat level by type. Malware types include destructive viruses, spyware, adware, botnet code, and hacker tools. For each malware type, the report provides statistics for remediation cost, user hours lost, system downtime, and total dollar damages. It then summarizes the annual damages by organization size, and estimates the total economic impact of malware by year for the period of 1997-2006. Analysis of the top ten malware entities in 2006 is also provided. This report is an unbiased source for estimating malware damages and analyzing the cost-benefit of anti-malware investments. (51 pp., 36 figs.)