Protecting the office from cyber-attack
Any Internet-connected computer can be hijacked and used to send spam by an expert hacker.
Virus expert Mikko Hypponen offers his advice on keeping viruses at bay.
1. Know your enemy
"We can basically group our enemy in four main groups. We have the hobbyists, the kids who sit in basements and take out their frustrations by writing viruses. That's by far the largest group and that's where most of the caught virus-writers come from. Then we have the criminals who write viruses to make money and that's grown drastically. The last two groups are activists and anarchists and possibly even terrorists who want to write viruses for a higher cause. And then of course we also have the spying element, which may be for industrial espionage or something even more sinister."
2. Get protected
"Protection hasn't really changed drastically. There's still the three main rules that you have to have an ant-virus on every single computer, you have to have a firewall on every single computer and you have to keep the patches up to date on every single computer."
3. Turn your computer off
"If your computer is off, nothing can hit it. That's what I often recommend to people who have cables or modems in their home. When you're not using your computer just turn it off or at the very least just disconnect the cable. There's no need to have your computer online 24 hours as a target of an attack when you're sleeping or away from your computer."
4. Be prepared
"The situation on the internet right now is so bad that if you go and buy a brand new computer and turn it on and plug it into the Internet it will be infected by a worm within five to 10 minutes. You won't even have enough time to go online and download all the patches to your computer before it already is infected."
Global Office is interviewing ex-General Electric CEO Jack Welch and wants to hear from you. E-mail us
your management queries and Becky Anderson could put your question to one of the most experienced figures in business.
ON CNNI TV
for Global Office show times on CNN International.
(CNN) -- Companies are spending an increasing amount of time and money protecting their systems from viruses and spam -- and the problem is worsening.
Even the latest anti-virus software and expensive firewalls cannot fully protect the unsuspecting office or small business computer from the latest hacker attacks.
The latest technique -- identity theft -- where computers are hijacked and turned into spamming machines -- have led many analysts to believe cyber-crooks maybe gaining the upper hand on Internet security.
The activity is being assisted by the proliferation of high-speed Internet connections, where computers are left permanently connected, both at home and at work.
"The situation on the Internet right now is so bad that if you go and buy a brand new computer and turn it on and plug it into the Internet, it will be infected by a worm within five to ten minutes," Mikko Hypponen of virus research firm F-Secure Corp. told CNN.
"You will not even have enough time to go online and download all the patches to your computer before it is infected."
Hundreds of thousands of PCs worldwide have been plagued by viruses and spam. According to Microsoft's Anti-Spam technology division it is costing up to $20.5 billion annually in lost business and repair work.
Earlier this year the MyDoom.M virus tempted office workers to open an e-mail folder containing details about a supposed undeliverable message.
Cleverly it was sent to staff after the weekend when they faced inboxes full of mail. The virus then sent copies of itself to all e-mail addresses on the PC's hard drive.
By fooling tens of thousands of technology-savvy office workers the virus knocked out Internet search engines Google, Yahoo, Lycos and AltaVista for several hours.
Yet the formula for virus protection has changed little for users over the years, Hypponen advocates three main rules in order to protect a PC.
"You have to have anti-virus software on every single computer," he says. "You have to have a firewall on every single computer and you have to keep the patches up to date on every single computer."
In many cases having the computer always turned on allows infected terminals to be turned into "zombies," allowing spammers and digital saboteurs to hijack a machine, which is then used to send out malicious code.
A harnessed network of zombie PCs creates a more powerful resource for fraudsters -- experts call this a "botnet."
"If your computer is off, nothing is going to hit it. That is what I often recommend to people who have cables or modems -- at the very least just disconnect the cable," explains Hypponen.
"There is no need to have your computer online 24 hours (a day) as a target of an attack when you are sleeping or away from your computer."
Not all is lost on the virus front -- as cyber-crime goes global and becomes more time consuming for anti-virus companies, firms are turning to more efficient labor sources to produce "patches" or virus solutions.
"(Today) the ability to counter (viruses), is a lot greater because ultimately it takes a lot of new code to (create) little patches," according to Bundeep Singh Rangar, founder and chief operating officer of global investment firm Ariadne Capital.
"When you have a larger pool of labor out there at a lower price, (such as in India) you have the ability to write a patch software to fix a program, it is probably better than having a scalable resource."
--CNN's Neil Curry contributed to this report