The Hindu Business Line : Loss due to Sasser estimated at Rs 120 cr

THE Sasser worm may have slowed down a bit, but it has left behind a trail of destruction with experts estimating the damage due to time lost by Indian companies at nearly Rs 120 crore.

The estimated downtime due to the worm was four to eight hours per affected machine.

Out of the total user base of 15 million, it is fair to assume that 20 per cent of the machines, or nearly 2.5 million units, got affected.

Assuming an average downtime of four hours, the total time loss comes to about 1,200 man-hours, according to industry estimates.

"Going by the same calculation, and assuming the annual salary of an employee at Rs 2 lakh, we estimate that the financial loss would be in the region of Rs 100-120 crore," the chief executive of a leading IT security firm told Business Line.

When contacted, the National Association of Software and Service Companies (Nasscom) spokesperson said that it was too early to estimate any losses due to the worm.

"We are collecting data from our members but, as of now, we have no basis to even hazard a guess," the spokesperson said.

According to Mr Manish Sethi, Head-Security Solutions, Datacraft India, the worm has been brought under control by most organisations, although some public sector banks are still struggling to get things under control, especially with newer versions making their appearance.

"Most of our clients have reported machines in their organisation getting affected. The effect has been particularly severe in at least four public sector banks that we visited in the last few days," he said.

Mr Jasminder Gulati, head of Data Security Division at Microsoft, said that the company had announced the vulnerability on April 13 and made a corrective patch available for the Sasser-type worms.

"Whoever downloaded the patch would have been protected. Announcing vulnerability is a catch-22 situation companies now face. By announcing, we often give ideas to hackers to come up with a worm and strike. It is a continuous war."

Mr Sethi said that the time between the announcement of vulnerability in a popular software and an actual impact has been reducing over time and now firms have to address the situation with products that offer zero day protection.

While the Code Red (2001) virus took 17 months to strike after the vulnerability was discovered and announced, Sasser hit in about a fortnight, he pointed out.

"With the number of vulnerabilities announced each day rising, we could soon have worms striking within hours," he added.

While Sasser does not damage data, it causes an abrupt shutdown in the machine. When the user tries to restart the machine, he is unable to do so as each time the virus shuts it off.