Windows zombies are probably costing trillions of dollars to the economy. It depends on how one measures it, but a lot of what we do online and offline depends on the assumption that half of all Windows PCs are under control by someone other than the persons sitting before them. These are fairly conservative estimates that are being repeated by several separate sources and Microsoft can corroborate as a few months ago it said that one third of the machines it had scanned were in fact infected.
"OK, even allowing for the fact this comes from a newly published study (PDF) from a security company, that's still one heck of a statistic. The fact that it's Symantec, and so has access to perhaps more enterprises than most, makes it a double-heck with knobs on. Or how about this one for size: 'every enterprise, yes, 100 percent, experienced cyber losses in 2009.'"
Zeus is among the most popular crimeware tool kits out there and was placed in the spotlight last week due to NetWitness' discovery of the Kneber botnet. In a discussion with eWEEK, security pros walk through some of the ways Zeus infiltrates organizations and discuss the importance of defense-in-depth as well as having sound policies governing the remediation and investigation process if infected by malware.
--Brian Valentine, Microsoft executive at the time, now working for Amazon as Senior Vice President