British business sustained a massive attack from both viruses and unsolicited emails in 2004, with the manufacturing sector in particular being plagued by spam, according to new figures released today by MessageLabs, the leading provider of managed email security services to business worldwide.
The figures show that over the past year more than four out of every five emails (82%) received by manufacturing firms were unsolicited spam. Firms in the recreation (74%), retail (64%) and chemicals & pharmaceuticals (64%) sectors also suffered badly.
Viruses were the biggest problem among Not-for-Profit and Healthcare organisations, where one in every six emails contained malicious content. The Government and Public Sector (1:9), Retail (1:10), Education organisations (1:12) and Building & Construction companies (1:14) also sustained regular attack.
The sectors best protected from viruses were Professional Services such as legal firms where the ratio was one in every 38 emails, and Financial Services companies who received a virus every 29 emails. The Manufacturing sector is not so badly affected by viruses as spam with a ratio of one virus to every 26 emails.
Having suffered significant virus attack, the Government and Not-for-Profit sectors fared better against spam, with only 19% of Government & Public Sector email classified as unsolicited and only 24% of Not-for-Profit.
Mark Sunner, Chief Technology Officer at MessageLabs, said:
The severity of these attacks is unsurprising, as 2004 marked a sea-change in terms of email security threats to business. The convergence of viruses and spam is now dominant almost all viruses released in 2004 contained some additional component allowing the infected machine to become a spam sending zombie. So it is of little surprise that all sectors of UK plc were so badly hit.
What is notable is the spread of the attacks however. In previous years the companies most affected tended to be those dealing mostly with less-protected home users. This year there does not appear to be such an obvious trend. That said, those companies most aware of the need to protect confidential information in their business such as law firms and banks do tend to have the most sophisticated approach to their security.
The overriding message from these figures is that business cannot afford to be in the least bit complacent. The threat from viruses, spam and other potential online attacks is such that simply installing anti-virus software will leave a business horribly exposed. Increasingly a more comprehensive, multi-layered approach to security is required, including scanning for such threats proactively at the Internet level, before they reach the network boundary.