A report just released by Computer Economics, the Californian IT security research firm, claims to show that the direct cost of damages from malware attacks has actually been declining over the last few years.
In 2006, says the report - entitled `The Economic Impact of Viruses, Spyware, Adware, Botnets and Other Malicious Code' - direct damages fell to $13.3 billion, from $14.2 billion in 2005, and from $17.5 billion in 2004.
The reason for this fall, says Mark McManus, the firm's vice president, is that IT security systems are becoming more widely deployed, as well as more effective.
Interestingly, the report found that malware authors are now becoming focused on making money from malware.
"Rather than wreak havoc, cyber-criminals are using infected machines to serve as spam proxies, perpetuate click-fraud, or sniff passwords, for example," said McManus.
The report pretty well confirms discussions I've had with a number of IT security vendors this last few months. These suggest that large numbers of malware authors are being employed - or are selling their abilities - to the criminal fraternity.
I wonder of the Russian mafia has anything to do with this trend...