News
3/19/2014
05:10 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

A Cybercrime Gang-Software Pirate Mash-Up

New report illustrates lucrative market for malware-riddled, pirated software -- and the cost to enterprises

Cybercrime gangs are always looking for new revenue streams, so it should come as no surprise that they are using pirated software as yet another way to make money.

The explosion in bring-your-own devices coming to work every day has exposed enterprises to pirated and tainted software. A new report published today by IDC and the National University of Singapore found that organized crime is costing enterprises worldwide more than $315 billion a year, as they become more and more exposed to pirated software rigged with malware. The report projects that businesses worldwide will spend close to $500 billion this year to clean up and recover from pirated software infected with malware that makes its way into their organizations. Those costs break down to $127 billion for security issues and another $364 billion in costs of data breaches linked to the tainted software.

The study, which was commissioned by Microsoft, attributes two-thirds of those losses -- $315 billion -- to criminal organizations profiting from pirated, tainted software.

"It's not surprising to me that there are a lot of losses" with pirated software, says John Gantz, senior vice president at IDC. "I'm surprised we [as an industry] didn't realize before that criminal organizations would be there."

David Finn, associate general counsel and executive director of the Microsoft Cybercrime Center, says one of the most violent drug cartels in Mexico, La Familia, made more than $2 million a day just from illegally distributing Microsoft software. "Just as they put their logo on cocaine, they put their logo on counterfeit Microsoft software," Finn says. "It's another revenue stream for them, and probably a more secure one from their perspective" that is less risky, he says.

It's all about following the money and diversifying their business model, he says.

Pirated products -- software as well as movies and pictures -- are interconnected with the criminal world, says Richard Domingues Boscovich, assistant general counsel for Microsoft's Digital Crimes Unit. Pirated software is "a delivery mechanism for malware," he says.

The bad guys make money selling the counterfeit software, plus if their sale results in a new bot machine. "They have the opportunity to profit twice," Finn says. "The victimize the user, but then that machine can become part of a botnet that victimizes other people."

Some regions are suffering more than others, of course: The Asia-Pacific region, which has both a massive number PCs due to its high population, also has a high software piracy rate. That region is expected to suffer more than 45 percent of all enterprise losses from malware on pirated software, and more than 40 percent of all consumer losses.

Governments worldwide, meanwhile, this year are expected to lose some $50 billion in damages due to malware on pirated software. Government officials say they worry most about losing intellectual property and trade secrets (59 percent), unauthorized access to confidential information (55 percent), and critical infrastructure cyberattacks (55 percent).

Consumers are the obvious at-risk category for getting infected by software they buy in pirated form. They have a 33 percent chance of getting infected when they install pirated software or purchase a PC with pirated software. The National University of Singapore conducted an experiment for the report, purchasing in 11 different countries 203 PCs with pirated software. More than 60 percent of those machines were infected with malware.

BYOD is putting enterprises at risk of malware via pirated software. According to the study, 27 percent of employees install their own software on their work PCs, which accounted for 20 percent of pirated software found in those organizations. And that's just PCs -- the mass of mobile devices in use introduce yet another venue of infection via tainted apps.

"All it takes is one," Microsoft's Boscovich says. "You've got to make sure your supply chain is clean, you do BYOD updates, and that [the devices] are loaded with legitimate software" and are updated, he says.

The full report, "The Link between Pirated Software and Cybersecurity Breaches: How Malware in Pirated Software Is Costing the World Billions," is available here (PDF) for download.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1414
Published: 2015-02-27
Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory.

CVE-2015-2072
Published: 2015-02-27
Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA 73 (1.00.73.00.389160) and HANA Developer Edition 80 (1.00.80.00.391861) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) ide/core/plugins/editor/templates/trace/hanaTraceDetailService.xsjs or...

CVE-2015-2075
Published: 2015-02-27
SAP BussinessObjects Edge 4.0 allows remote attackers to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.

CVE-2015-2076
Published: 2015-02-27
The Auditing service in SAP BussinessObjects Edge 4.0 allows remote attackers to obtains sensitive information by reading an audit event, aka SAP Note 2011395.

CVE-2015-2101
Published: 2015-02-27
Cross-site scripting (XSS) vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.