See below:

"M. Adam Davis"
16/05/2000 13:24

Please respond to pic microcontroller discussion list

To: PICLIST@MITVMA.MIT.EDU
cc: (bcc: Dan Lloyd/GBPTD/ABB)
Subject: Re: [OT] Claim to be a Philippine Virus
Security Level:? Internal

Well, let's do the math.

Assume a large company, say an auto company with 10,000 email-using employees in southeast MI. One employee gets the virus mid-day and runs it. It infects their contacts (3/4 of which are internal employees). From there the email is exponential, even if only a few of the recipients actually run the program.

By late afternoon (when the offices are closing, and the plants are beginning their second shift) every plant and office worldwide has at least a few employees who have run the virus. The load on the mail servers runs up way past the redline and messages start getting dropped. Eventually some of the servers halt altogether, and pagers start going off for the sysadmins.

At this point the virus is still 'new' and these guys don't know much about it. Their mail servers are flipping out (so they suspect another Melissa variant) but they can't check their own email (the servers are at best loaded to capacity, at worst completely down) so they don't get messages from users about a strange email they keep getting copies of.

Now, a good portion of this company's computer services are outsourced, so they aren't just paying employees overtime, they are paying an outsource service overtime (much more expensive) though this is offset a little by the fact that most of their own staff are salary paid and don't get overtime. We'll say that they pay this company an extra $500,000 to remotely handle the hundreds of servers and actively monitor them for the next week.

So these people need to work overtime. They shut down/disconnect all the servers in /each/ facility, and examine the contents of one. They find the virus, and determine a plan of action.

Here's the expensive part: While a script can get rid of most traces of the virus, and a few filters can keep it from spreading much more, thousands of emails have been lost/dropped, schedules have been moved back, parts aren't on order (and they are supposed to be), etc, etc.

Because of this, the assembly lines in a few dozen plants are slowed or stopped for several minutes or hours at a time over the next two weeks while everything gets re-ordered, synchronized, etc.

Of course, there are about 300 employees per plant who have to stop working for, say 10 hours each over the next two weeks in 5 plants. The average employee makes $12/hour (actually much more, but we'll be conservative here). Therefore each plant loses $3,600/hour just in labor (We'll ignore cost of electricity and other consumables used during this time) and these five plants lose $180,000 JUST in labor. They also lose money because the effects cascade down through other plants to the point where several cars are made late (and therefore not made - you can't just speed up a plant to make up the difference without raising the cost of the car).

There are the countless hours each and every employee lost because they did not have email access for a day or two. In effect, the entire organization and each employee in this company 'lost' at *least* 2 days of active work, if not a week of work. Given that the average employee is making about 15/hour (including benefits, UAW fees, etc) then they lost between 2.4 million and 6 million dollars JUST in lost employee work time.

They also lost electricity (you should see the electric bill for one day at the average plant - some plants have their own power stations) and other utilities, they lost orders, they were talked into various hardware and software upgrades to 'prevent future occurrences', etc, etc.

Given that at least 100 companies in the US were affected by this to this extent (which were this large) and then all of the other smaller companies which are having issues on a smaller scale, I can easily see several billion dollars worth of 'damage' (lost revenue) which these companies can claim.

-Adam

William Chops Westfield wrote:
>
> >> An "idiot" that caused $4.4 billion worth of damage.
>
> Say what? The "$$$ damage" reports for computer crackers have always
> seemed pretty suspect to me - similar to the "street values" reported
> for large drug seizures. I mean, where do you actually GET $4.4
> billion? X million computers infected, each of which took a "computer expert"
> (worth $$$/hour, of course) some time to fix? NNN systems offline for
> YY hours, at an average revenue rate of $$$, or charged CPU rate of $$?
> Gimme a break. Like anyone actually paid extra for someone to fix this,
> or lost an order when they were offline that didn't come in later. I
> hear much of the lost time was in assorted government agencies? Maybe
> that ought to count as a benefit!
>
> The "agents" in Los Alamos did a much more concrete bit of business.
> (not that there were any. Accidents beat out malice yet again...)
>
> BillW

***

I didn't do the math - I didn't need to (but thanks to Mr Davis); I do have faith in the BBC Newsnight programme which is probably the most honest news reporting on the planet (I sound like a Carlsberg ad!) and they gave the figure as being that high.

I have bigger fish to fry than to worry about it; my point was that, for an "idiot", the guy caused a lot of damage which was compounded by the moronocy of people who STILL manage to open email attachments no matter how many times they are told that they are (/can be) extremely dangerous.

Darwinism with a technological slant, in my opinion. (Uh oh, here goes the evolution vs creation debate).

I am out of this thread *now*.....

Dan