s of the damage caused by the ILOVEYOU
worm are by now into 9 digit
figures. One should, of course, bear in mind that these estimates are compile
d by clueless journalist
s by sum
ming the inflated number
s provided to them by computer security
companies who have economic
interest in seeing a high number.
My estimate for damages is considerably lower. It's hard to believe any large organisation was seriously harmed by this latest outbreak. After all, to be harmed, one must either be storing important data on the affected computers, or allowing them access to important data, or producing important data with these computers. But what kind of organisation is it that will do any of these 3 things on a computer known (since the Melissa outbreak last year, at the very least) to run arbitrary untrusted code arriving from external sources by email? So it's clear that the affected organisations are either employing fools to design and protect their computer systems, or could not have been seriously harmed by the worm.
But let's say the organisation's "experts" were out drinking for the past year, and had took no actions whatsoever to protect this vitally important data (that was stored, apparently, in files with extensions like .mp3 and .jpg). Following complete destruction of data, recovery consists of these 2 steps:
- Go to backup vault and retrieve last week's and yesterday's backup tapes (assuming a full weekly backup and an incremental daily backup).
- Restore from tapes.
Let's be generous and assume these actions take 6 hours, during which all work is stopped. Then an organisation which deemed its data practically worthless will lose 6 hours. That's all
. Note that many companies today have automated backup systems, which make this process much more efficient.
(and please excuse my use of data in the singular)