Study: Microsoft Windows Botnets Costing Millions Per Enterprise

Dr. Roy Schestowitz

2010-02-23 08:59:38 UTC
Modified: 2010-02-23 08:59:38 UTC

Summary: New estimates of the cost of turbulence and intrusion as applied to large businesses

Windows zombies are probably costing trillions of dollars to the economy. It depends on how one measures it, but a lot of what we do online and offline depends on the assumption that half of all Windows PCs are under control by someone other than the persons sitting before them. These are fairly conservative estimates that are being repeated by several separate sources and Microsoft can corroborate as a few months ago it said that one third of the machines it had scanned were in fact infected.

Cost of cyberattacks alone -- attacks that are carried out from Windows zombies for the vast part -- are estimated to have affected three quarters of enterprises and cost just over 2 million dollars on average (for each enterprise). Security vendors insist that most businesses keep breaches and attacks secret for all sorts of reasons, so the problem is underreported.

"OK, even allowing for the fact this comes from a newly published study (PDF) from a security company, that's still one heck of a statistic. The fact that it's Symantec, and so has access to perhaps more enterprises than most, makes it a double-heck with knobs on. Or how about this one for size: 'every enterprise, yes, 100 percent, experienced cyber losses in 2009.'"

eWEEK also has this new article about the Zeus botnet:

Zeus is among the most popular crimeware tool kits out there and was placed in the spotlight last week due to NetWitness' discovery of the Kneber botnet. In a discussion with eWEEK, security pros walk through some of the ways Zeus infiltrates organizations and discuss the importance of defense-in-depth as well as having sound policies governing the remediation and investigation process if infected by malware.

The article totally 'forgets' to mention Windows, but then again, it's an article from Microsoft's partner, Ziff Davis [1, 2, 3]. They would rather pretend it's just a "computer issue" or "malware", as usual. ⬆

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive at the time, now working for Amazon as Senior Vice President

Recent Techrights' Posts

GNU (and the FSF) Still Changing the World: Today, in 2025, GNU powers almost everything
Military-Grade Anti-Linux Microsoft Propaganda Using Microsoft LLMs in Fake 'News' Sites (Slopfarms): This is part of a pattern
Rust is Starting to Seem More Like Microsoft-hosted "Digital Maoism", Not a Legitimate Effort to Improve Security: Maybe this is very innocent, but they seem to have taken a solid, stable program from a high-profile Frenchman and looked for ways to marry it with GitHub, i.e. Microsoft/NSA
Links 09/05/2025: TeleMessage Blunder, More Distractions From Impending Mass Layoffs at Microsoft: Links for the day
Links 09/05/2025: Analog Computer and First time at FOSDEM: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, May 08, 2025: IRC logs for Thursday, May 08, 2025
Links 08/05/2025: Mass Layoffs at Google Again, India/Pakistan Tensions Continue to Grow, New Pope (US) Selected: Links for the day
"Victory Day" - Part I: That is the Day Microsofters Who Assault Women Pay for Their Actions in Foreign Land (Using "Guns for Hire" Who Attack Their Own Country for American Dollars): Adding a friend from Microsoft to the docket didn't help
Gemini Links 08/05/2025: Practical Gemini Use Case, Shutdown of the Blanket Fort Webring: Links for the day
Links 08/05/2025: "Slop Presidency", US Government Defunds Public Broadcasting: Links for the day
Lasse Fister, Organiser of Libre Graphics Meeting, Points Out the Code of Conduct is Likely Violated by the Same People Who Promote Codes of Conduct (and Then Bully Him Into Cancelling a Keynote): I am starting to see Lasse Fister as another victim
LLM Slop Attacks Not Only Sites of Free Software Projects But Also Bug Reporting Systems (Time-wasting, in Effect "DDoS"): Microsoft, the leading purveyor and promoter of slop, is a cancer
The Richard Stallman (RMS) "European Tour" Carries on In Spite of the Nuremberg Incident: Some people spoke about how they saw yesterday's talk
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, May 07, 2025: IRC logs for Wednesday, May 07, 2025
The CoC Means the Founder of GNU/Linux Cannot Talk and a 72-Year-Old Man With Cancer is Somehow a "Safety" Risk?: Those who don't like RMS are not forced to attend his talks
Gemini Links 07/05/2025: A Shopping Spree and Digital Gardening: Links for the day
Links 07/05/2025: Pegasus Guilty and a Path Towards EU Without Russian Energy: Links for the day
People Used to Talk: If pets can live a measurably happy life without gadgets and "apps", why can't humans?
Outsourcing GNU/Linux to Microsoft GitHub Promoted by Microsoft LLM Slop and Army Officers: Something doesn't seem right
Weaponisation of For-Profit Dockets - Part III: No More Media Lawsuits From Brett Wilson LLP This Year, One Can Only Guess Why: People leak a lot of material to Techrights because they know, based on the track record, that the sources will be protected and whatever gets published will stay online, in full, no matter how stubborn an effort (even lawsuits and blackmail) will be sent its way
Gemini Links 07/05/2025: Adopting GrapheneOS, Further Enshittification of Flickr: Links for the day
Links 07/05/2025: CISA Gutted, Debt-Saddled (Likely Insolvent) 'Open' 'AI' (Proprietary Slop) Faking Its Financial State Again: Links for the day
Finland, Lithuania, and Latvia Fortify Their Digital Border With GNU/Linux: This month's data from statCounter is particularly interesting near the Baltic Sea
The European Patent Office (EPO) Has a Very Profound Corruption Issue, Far More Urgent an Issue Than Pronouns: a rather long document
Richard Stallman Gives Public Talk at Technical University of Liberec, Czech Republic: "For programs that you could run, and for network services that could do your own computing, under what circumstances is it reasonable to trust them?"
Today We Turn 18.5: The eighteenth "and a half" anniversary
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, May 06, 2025: IRC logs for Tuesday, May 06, 2025