History repeating: love spreads around

The estimated cost over the last year for Melissa and the other major virus attacks is $12.1bn. However, many of the virus vendors and security experts silicon.com spoke to yesterday said this time the bill could be even higher.

As companies grow more and more dependent on computing systems to carry their corporate data, it seems virus attacks on this scale will cause more damage to mission-critical operations. So unsurprisingly, IT managers and directors are beginning to place system security further up their list of priorities.

But even a company that religiously updates anti-virus software finds it is as vulnerable as any other when it comes to a clever hacker or virus author.

Jack Clark, European product manager at anti-virus vendor Network Associates, admitted the 'Love Bug' attack took him by surprise.

Other vendors said the same, with many drafting in extra support staff at the last minute. A patch to combat the virus was available by mid afternoon on Thursday but many silicon.com viewers reported extraordinary difficulties getting onto sites, or through to call centres, to get their hands on the antidote.

Anti-virus vendors do not feel they can do any more than they are doing to protect their customers from each and every virus that comes along.

Rob Eatwell, anti-virus business development manager at Network Associates, said: "Vendors are genuinely trying very hard to stop corporate networks getting infected. Blame isn't the issue right now, we just have to work together to find a solution."

But some people don't accept this position. One of the many silicon.com users to contact us with reports of computing disaster was Andrea Travers, support manager at Help IT Systems software house.

The virus has had a devastating effect, she said. Clients have been emailed, vital files have been deleted and she expects the fallout to continue and the costs to spiral to many thousands of pounds.

Travers feels that the anti-virus vendors have let her down. "We use Dr Solomon's and update with the latest fixes regularly, but we weren't protected. However, one of our associates was automatically protected. They must have something we don't. How can it be that Dr Solomon's doesn't offer us the same protection as another organisation?"

Some recent versions of virus protection software can detect virus behaviour patterns. All the vendors claim to be busily fashioning a new generation of products that will cut email attacks off at the pass.

But there may never be a technological solution.

Rolf Rennemo, European product manager of another security company, Trend Micro, said: "Every time you have some kind of protection, you will have a new hacker. Is there ever going to be no hack attacks? No. Just the same as there is never going to be zero crime on the streets."

Does this mean this kind of periodic global meltdown is going to become the norm?

Steve Pearce, spokesman for online data services company Vdata, believes that immunity will come with a major shift in investment strategy.

"Companies see protection of IT systems as a grudge spend. But it's only going to get worse. Virus scares such as these are going to herald a new age of security awareness," he said.

Internal policies are undoubtedly going to be the key to surviving attacks. As well as investment, companies need to provide more leadership and apply more stringent controls. Eventually they will be forced by these and many more attacks to take security more seriously.