News
3/19/2014
05:10 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

A Cybercrime Gang-Software Pirate Mash-Up

New report illustrates lucrative market for malware-riddled, pirated software -- and the cost to enterprises

Cybercrime gangs are always looking for new revenue streams, so it should come as no surprise that they are using pirated software as yet another way to make money.

The explosion in bring-your-own devices coming to work every day has exposed enterprises to pirated and tainted software. A new report published today by IDC and the National University of Singapore found that organized crime is costing enterprises worldwide more than $315 billion a year, as they become more and more exposed to pirated software rigged with malware. The report projects that businesses worldwide will spend close to $500 billion this year to clean up and recover from pirated software infected with malware that makes its way into their organizations. Those costs break down to $127 billion for security issues and another $364 billion in costs of data breaches linked to the tainted software.

The study, which was commissioned by Microsoft, attributes two-thirds of those losses -- $315 billion -- to criminal organizations profiting from pirated, tainted software.

"It's not surprising to me that there are a lot of losses" with pirated software, says John Gantz, senior vice president at IDC. "I'm surprised we [as an industry] didn't realize before that criminal organizations would be there."

David Finn, associate general counsel and executive director of the Microsoft Cybercrime Center, says one of the most violent drug cartels in Mexico, La Familia, made more than $2 million a day just from illegally distributing Microsoft software. "Just as they put their logo on cocaine, they put their logo on counterfeit Microsoft software," Finn says. "It's another revenue stream for them, and probably a more secure one from their perspective" that is less risky, he says.

It's all about following the money and diversifying their business model, he says.

Pirated products -- software as well as movies and pictures -- are interconnected with the criminal world, says Richard Domingues Boscovich, assistant general counsel for Microsoft's Digital Crimes Unit. Pirated software is "a delivery mechanism for malware," he says.

The bad guys make money selling the counterfeit software, plus if their sale results in a new bot machine. "They have the opportunity to profit twice," Finn says. "The victimize the user, but then that machine can become part of a botnet that victimizes other people."

Some regions are suffering more than others, of course: The Asia-Pacific region, which has both a massive number PCs due to its high population, also has a high software piracy rate. That region is expected to suffer more than 45 percent of all enterprise losses from malware on pirated software, and more than 40 percent of all consumer losses.

Governments worldwide, meanwhile, this year are expected to lose some $50 billion in damages due to malware on pirated software. Government officials say they worry most about losing intellectual property and trade secrets (59 percent), unauthorized access to confidential information (55 percent), and critical infrastructure cyberattacks (55 percent).

Consumers are the obvious at-risk category for getting infected by software they buy in pirated form. They have a 33 percent chance of getting infected when they install pirated software or purchase a PC with pirated software. The National University of Singapore conducted an experiment for the report, purchasing in 11 different countries 203 PCs with pirated software. More than 60 percent of those machines were infected with malware.

BYOD is putting enterprises at risk of malware via pirated software. According to the study, 27 percent of employees install their own software on their work PCs, which accounted for 20 percent of pirated software found in those organizations. And that's just PCs -- the mass of mobile devices in use introduce yet another venue of infection via tainted apps.

"All it takes is one," Microsoft's Boscovich says. "You've got to make sure your supply chain is clean, you do BYOD updates, and that [the devices] are loaded with legitimate software" and are updated, he says.

The full report, "The Link between Pirated Software and Cybersecurity Breaches: How Malware in Pirated Software Is Costing the World Billions," is available here (PDF) for download.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Kelly Jackson Higgins is Senior Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
DevOps’ Impact on Application Security
DevOps’ Impact on Application Security
Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0972
Published: 2014-08-01
The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly prevent write access to IOMMU context registers, which allows local users to select a custom page table, and consequently write ...

CVE-2014-2627
Published: 2014-08-01
Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32.01, H06 through H06.28, and J06 through J06.17.01 allows remote authenticated users to gain privileges for NetBatch job execution via unknown vectors.

CVE-2014-3009
Published: 2014-08-01
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct ph...

CVE-2014-3302
Published: 2014-08-01
user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708.

CVE-2014-3534
Published: 2014-08-01
arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a c...

Best of the Web
Dark Reading Radio