Proliferation of Cybercrime increases risks to public safety and national security

New Delhi, 23rd July, 2014: Truth Labs, India’s first independent Forensic Science Lab, today reiterated linkages between the proliferation of cybercrime through the use of pirated and counterfeit software to the breaches in the information, communication and network security that eventually lead to multidimensional risks and threats to Public Safety and National Security. The detailed vulnerability study titled Piracy and Counterfeit Software: Emerging Risks and Threats to Public Safety and National Security, launched today by Truth Labs, tested 230 samples consisting of 174 in DVD form and 56 as preinstalled products in laptops, which led to a conclusion that different types of malware detected in majority of the samples are susceptible to wide variety of risks and threats related to Intellectual Property (IP) theft, data leakage among others.

Key threats identified in the study samples can be listed as below:

● About 65% of the samples had more than one category of Malware.
● The majority of the Malware identified in the samples enabled remote access and control by hackers followed by backdoors and keylogger which pose a threat to the privacy of the user.
● Remote Access, Remote CodeExecution and attacks by Trojans & worms were the three major categories of threats found.
● 90% of the samples in the form of DVDs gave false positive results in Anti-Piracy Checktests, thereby cheating the users to believe the installed product to be a genuine one.

The report was launched by Dr. Gulshan Rai, Director General, CERT- In in the presence of Dr. Gandhi Kaza, Founder Chairman, Truthlabs in New Delhi.  The report was commissioned by Microsoft India.

The use of malware infected products can cause substantial productivity losses to the manufacturers, economic losses to the businesses, besides posing serious security risks and threats to the critical infrastructure of the Government.

As per the report, 65% of the samples were found to have more than one category of malware, which can bring down an entire network and can be misused by hackers to create bots that can attack larger networks including SCADA systems protecting national resources such as Power Grids, Satellite communications. The majority of the malware identified in the samples enabled remote access and control by hackers followed by backdoors and keylogger which pose a threat to the privacy of the user. Increasing risks were highlighted in the areas of Remote Access, Remote Code Execution and attacks by Trojans & worms, which also forms three major categories of threats found in the samples under study.

Commenting on the launch of report, Dr. Gandhi Kaza, Founder Chairman, Truthlabs, said, “Our study suggests the massive scale at which malware was being distributed through usage of pirated and counterfeit software in India. This urgently calls for a series of measures to preclude impending risks and vulnerabilities to Public Safety and National Security. We are extremely concerned about the serious security risks and threats to the critical infrastructure of the Government that has been on the radar of cybercriminals.”

“Cybercriminals exploit every opportunity to make an easy profit by inserting malware onto pirated software which threatens consumers, businesses and governments,” said Vipin Aggarwal, Senior Attorney and Director IP, Microsoft.  “Microsoft has been continuously working on combating cybercrime for many years. As part of our focus on fighting this growing hazard, this research was commissioned to demonstrate the connection between cybersecurity, malware and piracy around the world. ”

The research based analysis of security related risks due to use of pirated and counterfeit software initiated by Truth Labs in collaboration with Microsoft India is primarily aimed at identifying the piracy landscape and the nature and level of vulnerabilities of pirated Microsoft products across India. Meanwhile, the research found that indirect security threats also include users or organizations unknowingly becoming part of a larger nexus of anti-social elements funding and supporting illegal activities such as organized crime, money laundering, drug trafficking, cyber terrorism and other related risks and vulnerabilities. Today’s networked environment with global internet connectivity thus has enormous potential to cause damage and destroy the critical infrastructure of any nation or group of nations anywhere across the globe.

The study further identifies that most of the pirated and counterfeit software are aimed at data stealing and therefore its use in the critical infrastructure of the government would pose a high security risk to Public Safety and National Security. The threats include stealing of confidential data like internet banking usernames, passwords, credit card details etc., leading to huge monetary loss to the end-user besides making the installed system continuously vulnerable to attacks.

About Truth Labs
Truth Labs is India’s first independent Forensic Science Lab. Truth Labs was established with the sole objective of helping the victims of Crime and Injustice by providing Scientific Investigation and Detective services using modern Forensic tools and techniques at affordable costs with International Quality. Truth Labs is a subsidiary of Truth Foundation, a non profit, non government, public charitable society set up with the sole aim of reviving the age old tradition of Truth and Justice in the Indian society. Set up in Oct 2007, an initiative of Dr. K. P. C. Gandhi, Former Inspector General of Police and Director, Andhra Pradesh Forensic Science Lab who was responsible for India’s leading and Model Forensic Lab at Hyderabad, the APFSL with ISO 9001 and ISO 17025 certification