Naturally Occurring

  • Tornado
  • High Winds
  • Thunder/Electrical Storms
  • Ice Storm
  • Snowstorm/Blizzard
  • Flooding
  • Earthquake
  • Epidemic
  • Major Landslide
  • Hurricane/Typhoon
  • Tropical Storm

Business

  • Power Outage: External
  • Labor Dispute/Strike
  • Employee Turnover
  • Power Outage: Internal
  • Unavailability of Key Personnel
  • Human Error: Operations
  • Gas Outage
  • Water Outage
  • Loss of Transportation
  • Human Error: Maintenance
  • Single Source Suppliers

Man-Made

  • Data Theft
  • Building Physical Security Weakness
  • Fire
  • Toxic Contamination
  • Arson
  • Sabotage: External/Internal
  • Workplace Violence
  • Terrorism
  • Bomb Threat
  • Riot/Civil Disorder
  • Fraud/Embezzlement
  • Vandalism
  • Physical Asset Theft
  • Misuse of Resources
  • Aircraft Crash
  • Explosion
  • Water Leak/Plumbing Failure

Information Technology

  • Voice & Data Telecommunications Failure
  • IT equipment Failure
  • Human Error: Programmers/Users
  • Security Vulnerability: Internal/External
  • Data & Software Sabotage
  • In-house Developed Application Failure
  • HVAC Failure/Temperature Inadequacy
  • Purchased Software Failure
Disasters Of Note

Back

MS Blaster Virus Attack - August 11, 2003

On 11 August, 2003 a worm that exploited a vulnerability in the remote procedure call (RPC) protocol in Windows 2000 and XP systems was released on the Internet. This worm, most often called “MSBlaster,” but also “Blaster,” “LovSan (Note 1),” “W32/Lovsan,” “W32.Blaster,” “Win32.Poza,” “WORM_MSBLAST.A,” and “W32/Blaster-A,” spread dramatically. MSBlaster clogged many organizations’ networks with the traffic it created and many stories of massive disruption surfaced. Some banks (including all of their branch offices) suffered computer outages that prevented customers from making transactions, staff at some hospitals were unable to access online patient data. Some businesses and Government Agencies had to shut down for an entire day because of this virus.

Business Impact

It's difficult to completely identify the total cost of the MS Blaster virus attack of 2003. It is estimated that it infected upwards of 100,000 Microsoft Windows systems and caused multiple millions of dollars in damages. A computer virus infection brings with it many costs, including the staff time required to eradicate it; expensive hardware, software and file damage; system downtime; and the most difficult cost to assess, tarnished reputation and a loss of business and clients.

Computer Virus Risks

Attacks from various types of computer viruses and worms like MS Blaster have had profound effects on computer systems around the world. Enterprises have been brought to their knees and forced to spend billions of dollars cleaning up the mess and rebuilding their infrastructures. While the increased IT costs are clear, there are other risks corporations face with regard to e-mail borne viruses.

System Downtime

E-mail has evolved to be the primary communication tool for most organizations and the loss of e-mail due to attack can severely affect enterprise operations. Beyond the immediate expenses involved in restoring the network, an attack on your enterprise e-mail system can also result in lost hours and days for employees who have come to rely on it to accomplish their daily tasks.

Resource Depletion

The costs of cleaning up after an attack are significant. IT teams are forced to spend considerable time and money repairing virus damage. The damage, however, is rarely contained to network servers. Once inside the network, viruses can quickly infect large numbers of relatively exposed client machines - all of which must be individually cleaned, patched and repaired.

Administration

In the past, when a new vulnerability was discovered, network administrators scrambled to apply security patches from the makers of their anti-virus software and manually reviewed quarantine lists for virus-infected messages. Software manufacturers release patches so frequently that network administrators cannot reasonably be expected to keep up with them all. As stated by Gartner Research, Enterprises will never be able to patch quickly enough. After all, attackers have nothing else to do. The staggering damage caused by recent computer viruses and malware attacks is clear evidence that manual intervention to institute emergency measures or review quarantined messages is rarely effective against rapidly propagating threats.

Compliance and Liability

Recent Federal regulations such as the Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA) and Sarbanes-Oxley Act (SoX), require enterprises to protect data residing in mail servers and other internal systems. Security breaches violate these regulations, exposing sensitive data and opening the door to serious sanctions and costly litigation.

Credibility

Falling victim to a virus attack can also result in lost trust from business partners and customers. According to Gartner, Enterprises that spread viruses, worms, spam and denial-of-service attacks will find not only that malicious software can hinder their profitability, but also that other businesses will disconnect from them if they are considered to be risky. While an attack may not be your fault, it is most certainly your problem.

Back